Question background:(1). JSR 168 specifications does not define any particular security implementation. We can get the authenticated user and its role to control security when we design a portlet. That means each portlet defines its own security mechanism. (2). In JBoss Portal Reference Giude, we were told securing jboss portlet with jboss-portlet.xml. We can configure permissions and assign roles. Then we can use hasPermission(String permission) method of JBossRenderRequest or JBossActionRequest to check user accessing. (3).At the same time, in jBoss portal, there is a permission portlet, in JBoss portal user gudie, we were told we can use this permissionPortlet to manage permissions for portlets.
Questions: 1. What's the differences between Jboss-portlet.xml and permissionPortlet securing mechanism? Are there any references? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3902461#3902461 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3902461 ------------------------------------------------------- This SF.Net email is sponsored by: Power Architecture Resource Center: Free content, downloads, discussions, and more. http://solutions.newsforge.com/ibmarch.tmpl _______________________________________________ JBoss-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/jboss-user
