I am also +1 on fragment-level security control. -Scott
> -----Original Message----- > From: Prashanth Gujjeti [mailto:[EMAIL PROTECTED] > Sent: Tuesday, August 16, 2005 4:34 PM > To: [email protected] > Subject: FW: [J2] Portlet level access > > Hi all, > > I originally posted the below message to the jetspeed-user mailing > list. Some additional comments on why it is preferable to have > fragment-level security access: > > It would simplify the control in terms of specifying what > fragments/portlets can be viewed at all. Ofcourse, you could use the > portlet API to access user roles and control the access based on it. But > it has two disadvantages - > (1) Requires code changes > (2) In terms of UI, the portlet frame would be rendered and we control > the content (which is probably what not everybody wants) > > I put forward this request to reconsider supporting the fragment level > access control in M4, more so because the code already exists. Many > thanks to all developers of Jetspeed! > > - Prashanth > > > -----Original Message----- > From: Randy Watler [mailto:[EMAIL PROTECTED] > Sent: Monday, August 15, 2005 7:16 PM > To: Jetspeed Users List > Subject: Re: [J2] Portlet level access > > Prashanth, > > This was indeed discussed, but we opted to not enforce the security at > the fragment level because there are portlet API tests that allow the > portlets to test and inforce their security requirements as they choose. > > However, we did leave the low level security support in place in case we > wanted to optionally support it at the portlet level some time in the > future. > > Please discuss on the dev list if you think you have a case that > requires portal security enforcement at the portlet level... the future > may be now... > > Randy > > Prashanth Gujjeti wrote: > > >Doug/Randy, and others: > > > >I was following up on the thread below which has a detailed discussion > >on the portlet level access restriction. And Randy suggested that the > >same might be targeted towards M2. > > > >http://mail-archives.apache.org/mod_mbox/portals-jetspeed-user/200412.m > >b > >ox/[EMAIL PROTECTED] > > > >I have the release M3 installed, and I am trying to restrict access to > >certain portlets on a given PSML page based on the user's roles ( by > >defining security-constraints for fragmnets). But, it does not seem to > >be working. So, I was wondering whats the status of the same or if > >there is updated information elsewhere? > > > >Thanks for your help! > > > >- Prashanth > > > >--------------------------------------------------------------------- > >To unsubscribe, e-mail: [EMAIL PROTECTED] > >For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
