portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ate Douma (JIRA)" <jetspeed-...@portals.apache.org>
Subject [jira] Commented: (JS2-872) PermissionSecurityHandler for LDAP
Date Fri, 29 Aug 2008 10:04:44 GMT

    [ https://issues.apache.org/jira/browse/JS2-872?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12626923#action_12626923

Ate Douma commented on JS2-872:

Work for the issues JS2-870, JS2-872 and JS2-873 will commence in the separate security-refactoring
branch (branched off the JS2-869 branch).

> PermissionSecurityHandler for LDAP
> ----------------------------------
>                 Key: JS2-872
>                 URL: https://issues.apache.org/jira/browse/JS2-872
>             Project: Jetspeed 2
>          Issue Type: New Feature
>          Components: Security
>    Affects Versions: 2.2
>            Reporter: Ate Douma
>            Assignee: Ate Douma
>             Fix For: 2.2
>   Original Estimate: 72h
>  Remaining Estimate: 72h
> Right now, Jetspeed only has a database based PermissionManagerImpl.
> In contrast to the other security components for User,Role,Group there is no corresponding
PermissionSecurityHandler for abstracting the backend implementation.
> Adding a PermissionSecurityHandler and corresponding DefaultPermissionSecurityHandler
(for the database) and a LdapPermissionSecurityHandler
> also requires extending the SecurityMappingHandler interface and delegating the current
db access in PermissionManagerImpl to the PermissionSecurityHandler.
> Related to this is the RdbmsPolicy class (name) which really hooks the PermissionManager
into the Java security system.
> Although this class is call RdbmsPolicy, actually it has no ties to the database at all,
only to the PermissionManager.
> By providing an LDAP backend for the permissions, we can still use the RdbmsPolicy, nevermind
its name  :) 
> But maybe we should rename it to JetspeedPolicy in the future for clarity. 

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org

View raw message