Gennady,
I think there are two points of confusion here... the PSML based
security constraints are implemented within the PageManager. One can use
the PermissionManager, but one has to enable it in the PageManager
Spring configuration. The PermissionManager is by default RDBMS based.
See the J2 populate*.sql files for examples.
The PageManger will not by default check for other permissions: it uses
'edit' and 'view'. I am assuming that you wish to invoke the standard
AccessController.checkAccess() methods with your custom permission
checks, but I am not sure where from. I would need to hear more about it
to advise further.
HTH,
Randy
Gennady wrote:
Hi developers
I want to extends jetspeed permissions to my own permissions set.
Examlple:
<security-constraints>
<security-constraint>
<roles>boss</roles>
<permissions>viewChart</permissions>
</security-constraint>
</security-constraints>
My own permissions i want store in properties file.
I tested next way:
- created ExtendedPermissionManager extends
org.apache.jetspeed.security.impl.PermissionManagerImpl
- rewrited method checkPermission(Subject subject, final Permission
permission)
- in security-managers.xml changed
class="org.apache.jetspeed.security.impl.PermissionManagerImpl"
to class="com.mycompany.security.ExtendedPermissionManager"
After some tests i not get any results, the method "checkPermission"
is not called.
As i see, all permissions checks by java.security.AccessController and
all permissions exends from PortalResourcePermission ? its right ?
How i can create exdended jetspeed permission manager without modify
PortalResourcePermission ?
Thanks,
Gennady
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
