Re: Hierarchical Jetspeed Security

Sun, 02 Mar 2003 08:56:45 -0800

webguy wrote:
Hi, I'm new to Jetspeed so be gentle :-) I have a security question.

I'm looking to create a site that has sub-sites

eg :    site                            <--- [a]     all users are members of this site
        \------- sub site       <--- [b]     A subset of all users are members of one 
or
more sub-sites
                \------portlet  <--- [c]     A subset of [b] have permissions
                                                        for different portlets within 
a subsite.


Subsites would go into different Turbine "group" (which is really some thing more alike realm, i.e. group *of resources*). A PSML resource provides a group for security checks, a request provides a user. This extends the security model.


Permissions for portlets in [b] are to be managed by a sub-site editor..


This would depend on having different persons with the *admin* role in different groups.

A user can have individual permissions for portlets in a subsite
A user can have one or many roles in a given subsite


Can the jetspeed security system handle this or would I have to role my own?


The group based security I was working on is about exactly this. These where the user requirements that I coped with.

The problem is that I could not, at the same time, develop it, *and* have a stable code base for our project, *and* track the heavy code changes in jetspeed around mid-2002, so I have these changes sitting in my disk.

It works for Jetspeed 1.3b3, something roughly equivalent to jetspeed HEAD around June 2002.

I offered recently to start committing those changes in the 1.3b3 branch, to have them merged later in to HEAD.

I think jetspeed desperately needs som API clean up. A big part of the problems I have found are due to redundant/incompatible public methods, or people relying in AbstractPortlet methods not in Portlet CacheablePortlet or PortletState.

I think that, while waiting for the standard proposal (JSR168) to come out, we could:
* release a beta or even a 1.4 release
* clean APIs, and prepare the code base to take on the new developments having a good understanding of the interfaces and dependencies between modules.

Regards,
     Santiago

Thanks WG


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to