Thanks for the link to article, David.  I will take a look at it right now.

David Le Strat wrote:

Scott,

I am -1 on that.  That's why I implemented a security
service using JAAS and RDBMS policies.  If we want to
enforce policies on object (portlets, pages, folders,
etc), we should have matching permissions (see
PortletPermission) where those permissions are mapped
to roles or groups. At least, that was the model, I
had in mind.

The security service enforces the mapping resource to permission and support the role hierarchy structure.

A good reference behind the design is at:

http://www-106.ibm.com/developerworks/java/library/j-jaas/?dwzone=java

The only difference is that we have an RDBMS
implementation + hierarchy support.

I am in favor of pursuing that model.  It is JAAS
compliant and user can eventually swap their own
implementation later on, on a different store.

I have been swamped at work and have had to step back
a bit.

Regards,

David.

--- "Scott T. Weaver"
<[EMAIL PROTECTED]> wrote:


Just want to get everyones input on implementing the
java.security.acl api for supporting ACLs in J2. I think this may
have been discussed before, but I think we need to make a decision so we
can move forward with applying security to portal resources.


The interfaces for java.security.acl are straight
forward and should prove very easy to implement.and it should mesh very
well with the already existing security components.


Regards

--
******************************************
*           Scott T. Weaver              *
*         <[EMAIL PROTECTED]>            *
*     <http://www.einnovation.com>       *
* -------------------------------------- *
*   Apache Jetspeed Enterprise Portal    *
*     Apache Pluto Portlet Container     *
*                                        *
* OpenEditPro, Website Content Mangement *
*     <http://www.openeditpro.com>       *
******************************************





---------------------------------------------------------------------


To unsubscribe, e-mail:
[EMAIL PROTECTED]
For additional commands, e-mail:
[EMAIL PROTECTED]








__________________________________
Do you Yahoo!?
New and Improved Yahoo! Mail - Send 10MB messages!
http://promotions.yahoo.com/new_mail


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]






--
******************************************
*           Scott T. Weaver              *
*         <[EMAIL PROTECTED]>            *
*     <http://www.einnovation.com>       *
* -------------------------------------- *
*   Apache Jetspeed Enterprise Portal    *
*     Apache Pluto Portlet Container     *
*                                        *
* OpenEditPro, Website Content Mangement *
*     <http://www.openeditpro.com>       *
******************************************


--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]



Reply via email to