David Sean Taylor wrote: >We (Paul and I) would like to merge the new Security_14 branch into the >cvs main branch. >All the unit tests have passed. >Could you please review the branch before we merge. >We would like to merge the branch in by Tuesday June 25. > > I have been looking at the branch, but I have not been able to clarify some important issues:
- Is there any way to have groups of pages (realms, turbine's groups) having different permissions for users with the same role? Going back to the current turbine model, can I have users having role "admin" in the group "production" having no "admin" rights in different groups, for instance, in the "global" group or in a "sales" group? This is mandatory for any portal where there are different pages for different kinds of users without having a mess of "productionadmin", "salesuser", "salesadmin", etc. roles, and even more mess with the administration of the PSML resources and portlets. - I can't understand how the "group" thing in the Security proposal fits in. I need more time to study it. - Do you feel that functional testing has gone far enough? I have not had time to compare both implementations, let it alone to run it with any realistic portal. I think merging the code while we still don't have any (positive or negative) feed back is risky. I still have ongoing changes related with the current security model, and I would like to be sure that the new model is at least as expressive as the previous one. Regards, Santiago >Thanks > >To check out the branch: > >cvs co -r security_14 jakarta-jetspeed > >The proposal is located in the cvs at: > >http://cvs.apache.org/viewcvs/jakarta-jetspeed/proposals/Security.txt?re >v=1.5&content-type=text/vnd.viewcvs-markup > > A note for people looking at the proposal: The version in head is *not* the latest. Use the cvs or the one in the checkout with the branch. > > > > > >-- >To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> >For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> > > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
