portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Santiago Gala <sg...@hisitech.com>
Subject Re: Hierarchical Jetspeed Security
Date Sun, 02 Mar 2003 16:57:53 GMT
webguy wrote:
> Hi,  I'm new to Jetspeed so be gentle :-) I have a security question.
> 
> I'm looking to create a site that has sub-sites
> 
> eg : 	site 				<---	[a] 	all users are members of this site
> 	\------- sub site 	<---	[b] 	A subset of all users are members of one or
> more sub-sites
> 		\------portlet	<---	[c] 	A subset of [b] have permissions
> 							for different portlets within a subsite.
> 

Subsites would go into different Turbine "group" (which is really some 
thing more alike realm, i.e. group *of resources*). A PSML resource 
provides a group for security checks, a request provides a user. This 
extends the security model.

> 
> Permissions for portlets in [b] are to be managed by a sub-site editor..
> 

This would depend on having different persons with the *admin* role in 
different groups.

> A user can have individual permissions for portlets in a subsite
> A user can have one or many roles in a given subsite
> 
> 
> Can the jetspeed security system handle this or would I have to role my own?
> 

The group based security I was working on is about exactly this. These 
where the user requirements that I coped with.

The problem is that I could not, at the same time, develop it, *and* 
have a stable code base for our project, *and* track the heavy code 
changes in jetspeed around mid-2002, so I have these changes sitting in 
my disk.

It works for Jetspeed 1.3b3, something roughly equivalent to jetspeed 
HEAD around June 2002.

I offered recently to start committing those changes in the 1.3b3 
branch, to have them merged later in to HEAD.

I think jetspeed desperately needs som API clean up. A big part of the 
problems I have found are due to redundant/incompatible public methods, 
or people relying in AbstractPortlet methods not in Portlet 
CacheablePortlet or PortletState.

I think that, while waiting for the standard proposal (JSR168) to come 
out, we could:
* release a beta or even a 1.4 release
* clean APIs, and prepare the code base to take on the new developments 
having a good understanding of the interfaces and dependencies between 
modules.

Regards,
      Santiago

> Thanks WG
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org


Mime
View raw message