Scott, I am -1 on that. That's why I implemented a security service using JAAS and RDBMS policies. If we want to enforce policies on object (portlets, pages, folders, etc), we should have matching permissions (see PortletPermission) where those permissions are mapped to roles or groups. At least, that was the model, I had in mind.
The security service enforces the mapping resource to permission and support the role hierarchy structure. A good reference behind the design is at: http://www-106.ibm.com/developerworks/java/library/j-jaas/?dwzone=java The only difference is that we have an RDBMS implementation + hierarchy support. I am in favor of pursuing that model. It is JAAS compliant and user can eventually swap their own implementation later on, on a different store. I have been swamped at work and have had to step back a bit. Regards, David. --- "Scott T. Weaver" <[EMAIL PROTECTED]> wrote: > Just want to get everyones input on implementing the > java.security.acl > api for supporting ACLs in J2. I think this may > have been discussed > before, but I think we need to make a decision so we > can move forward > with applying security to portal resources. > > The interfaces for java.security.acl are straight > forward and should > prove very easy to implement.and it should mesh very > well with the > already existing security components. > > Regards > > -- > ****************************************** > * Scott T. Weaver * > * <[EMAIL PROTECTED]> * > * <http://www.einnovation.com> * > * -------------------------------------- * > * Apache Jetspeed Enterprise Portal * > * Apache Pluto Portlet Container * > * * > * OpenEditPro, Website Content Mangement * > * <http://www.openeditpro.com> * > ****************************************** > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: > [EMAIL PROTECTED] > For additional commands, e-mail: > [EMAIL PROTECTED] > > __________________________________ Do you Yahoo!? New and Improved Yahoo! Mail - Send 10MB messages! http://promotions.yahoo.com/new_mail --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
