portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Sean Taylor <d.tay...@onehippo.com>
Subject Re: No securityAccessController in custom PortletSelector
Date Thu, 15 Jul 2010 16:48:08 GMT
On Thu, Jul 15, 2010 at 2:09 PM, bhardage <bhardage@harding.edu> wrote:
> This is actually a duplicate of another post I made as a reply to another
> question, but I decided it deserved its own post:
> First, let me say that I know fairly little about how Jetspeed's security
> works, and I'm hoping that there's a simple solution such as adding a
> <security-constraint> tag somewhere.
> Basically, I have a class that extends the
> org.apache.jetspeed.portlets.selector.PortletSelector class (one of the
> classes in j2-admin). It overrides the init() function, and calls
> PortletSelector's init() on the first line.
> What's happening is PortletSelector is throwing an exception because it
> can't find a securityAccessController in the context.
> My user-portlet-selector.psml file just has a standard oneColumn fragment in
> it, and the definition in the portlet.xml looks like this:
> <portlet id="DashboardSelector">
>  <init-param>
>    <description>This parameter sets the template used in view
> mode.</description>
>    <name>ViewPage</name>
>    <value>/WEB-INF/view/selectors/user-portlet-selector.vm</value>
>  </init-param>
>  <portlet-name>DashboardSelector</portlet-name>
>  <display-name>DashboardSelector</display-name>
>  <description>DashboardSelector</description>
> <portlet-class>org.fake.portletSelector.DashboardPortletSelector</portlet-class>
>  <expiration-cache>-1</expiration-cache>
>  <supports>
>    <mime-type>text/html</mime-type>
>    <portlet-mode>VIEW</portlet-mode>
>    <portlet-mode>EDIT</portlet-mode>
>    <portlet-mode>HELP</portlet-mode>
>  </supports>
>  <supported-locale>en</supported-locale>
>  <portlet-preferences>
>    <preference>
>      <name>WindowSize</name>
>      <value>100</value>
>    </preference>
>    <preference>
>      <name>parallel</name>
>      <value>true</value>
>      <read-only>true</read-only>
>    </preference>
>  </portlet-preferences>
> </portlet>
> I guess the real problem is that I don't really know what a
> securityAccessController is.
The securityAccessController is a Jetspeed service. From the service
interface javadocs, here is a description:

This component abstracts access to security checks.
Jetspeed supports two kinds of secured access:
 * Permissions
 * Constraints

 Permissions are checked via Java Security. Jetspeed implements its
own security policy.
 Constrainted are checked via the Page Manager's constraints.
 Either way, the implicit Jetspeed Security Subject is applied to the
security access check.

There are two methods on this interface:

    boolean checkPortletAccess(PortletDefinitionComposite portlet, int mask);

     * Checks access for the implicit active subject's access to the
resource protected by the portlet permission
     * This is an abstraction introduced in 2.1 for Permission Manager
implementations NOT
     * founded upon the a Java security policy. If the Permission
Manager is configured to
     * run with Security Constraints, then a security constraint check
is made. Otherwise,
     * a standard Java Security permission check is made.</p>
     * @param portlet The portlet to be checked
     * @param mask A mask <code>JetspeedActions</code> such as view, edit
     * @return true if access is granted, false if access denied based
on policy or constraints

    int getSecurityMode();

     * Returns the configured security mode for this accessor
     * This component can be configured to make Java Security Policy
permission checks
     * or Jetspeed Security Constraint checks
     * @return either PERMISSIONS or CONSTRAINTS

You said you are extending the
org.apache.jetspeed.portlets.selector.PortletSelector class from the
j2-admin application. (It sounds like you are using version 2.1.3). Im
not sure why it would fail to find the securityAccessController
service on init. Is your class deployed inside the j2-admin web
application? Could you send the stack trace?

To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org

View raw message