On Thursday, November 20, 2003, at 02:56 AM, Sami Leino wrote:
Done, do a CVS update to get the changesThe Profiler interface already has createProfileLocator() method.
Just need to make it configurable via the properties file and load your
locator I can make this change easily if you. I will do it today
That would be a nice thing to have. If you have some spare time and see this feature useful, please go ahead. Just make sure that the implementation defaults to the standard ProfileLocator when the custom class has not been excplicitly defined in the property file.
Jetspeed doesn't actually use Groups for its own purpose, it just always defaults the group to "Jetspeed". I think you could use the Group as the organization. I know that Santiago does this....
I have many times been wondering about the significance of the Group
entity. Isn't it so that the roles are dependent of the groups in the way
that (in theory) user could have role "admin" within group "group1" and
role "user" within group "group2"?
Its the security implementation that hard-codes the Jetspeed group
We still use the Turbine database model, although all the Turbine security has been ripped out
Look at the TURBINE_USER_GROUP_ROLE table
This is the security service represents a user having a role
Its three-way relationship USER + GROUP + ROLE
I think it would be possible to add security checks with the group, requiring a new set of methods on the RoleManagement interface that include a group parameter
Yes I think its worth looking into
At least the LDAP implementation ties roles to groups in that way.
Therefore, I can not totally discard the Jetspeed group, but I could
attach another group to users for representing the organization. When
setting the group to ProfileLocator, I could ignore the "Jetspeed" group
and set the other one to it instead. Then, I could use that information to
locate the profile. Do you see this as a good alternative?
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
