portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aaron Oneal" <aon...@tampabay.rr.com>
Subject RE: Jetspeed Security vs. Turbine Security
Date Mon, 29 Jul 2002 19:06:18 GMT
Thanks David, I'll have a look at what it would take to extend Jetspeed
to have this functionality.  I am a little concerned that the changes
might go beyond just writing a new security implementation class and
require me to alter the way portlets and portals are handled as well.
I'll do a little more digging to see how much work would be involved or
if I'd be better to just start with Turbine.

I can appreciate wanting to keep the security layer simple, as the
group/role/user relationship increases complexity in several areas (much
to my dismay), but many enterprise class applications that require a
portal/portlet engine are going to need that level of security
granularity in order to support multiple departments using the same
system.

 - Aaron


-----Original Message-----
From: David Sean Taylor [mailto:david@bluesunrise.com] 
Sent: Monday, July 29, 2002 1:21 PM
To: Jetspeed Developers List
Subject: RE: Jetspeed Security vs. Turbine Security

Aaron,

We implement a Turbine-like services.
The database schema is the same, but the Turbine services are no longer
used.
I understand your needs for having the group/role/user relationship.
However I found this relationship to be overcomplicated in most cases
and
chose not to implement the default service this way.

I have no plans to update it, but it should be easy enough to extend or
write your own security services.
Another developer (Santiago) also has stated that he prefers the
group/role/user relationship.

David

> -----Original Message-----
> From: Aaron Oneal [mailto:aoneal@tampabay.rr.com]
> Sent: Monday, July 29, 2002 9:54 AM
> To: jetspeed-dev@jakarta.apache.org
> Subject: Jetspeed Security vs. Turbine Security
>
>
> Hello,
>
> I have been looking over the group support provided by Turbine vs.
> Jetspeed, and I am not clear on the direction Jetspeed is heading in
> that area, so I was hoping someone might be able to clarify.  It seems
> that in Jetspeed, users can belong to a group, and this has nothing to
> do with their role.  So if the user is an "Administrator", they're an
> administrator in every group they belong to.
>
> With Turbine, however, users are assigned a role in a group as opposed
> to just having a role or just belonging to a group.  This allows more
> flexibility since a user can have different roles depending on the
group
> they belong to.
>
> Are there any plans to update Jetspeed's security model to be more in
> line with what Turbine offers?
>
> Thank you,
> Aaron


--
To unsubscribe, e-mail:   <mailto:jetspeed-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:jetspeed-dev-help@jakarta.apache.org>


Mime
View raw message