[
https://issues.apache.org/jira/browse/JS2-872?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12626923#action_12626923
]
Ate Douma commented on JS2-872:
-------------------------------
Work for the issues JS2-870, JS2-872 and JS2-873 will commence in the separate
security-refactoring branch (branched off the JS2-869 branch).
> PermissionSecurityHandler for LDAP
> ----------------------------------
>
> Key: JS2-872
> URL: https://issues.apache.org/jira/browse/JS2-872
> Project: Jetspeed 2
> Issue Type: New Feature
> Components: Security
> Affects Versions: 2.2
> Reporter: Ate Douma
> Assignee: Ate Douma
> Fix For: 2.2
>
> Original Estimate: 72h
> Remaining Estimate: 72h
>
> Right now, Jetspeed only has a database based PermissionManagerImpl.
> In contrast to the other security components for User,Role,Group there is no
> corresponding PermissionSecurityHandler for abstracting the backend
> implementation.
> Adding a PermissionSecurityHandler and corresponding
> DefaultPermissionSecurityHandler (for the database) and a
> LdapPermissionSecurityHandler
> also requires extending the SecurityMappingHandler interface and delegating
> the current db access in PermissionManagerImpl to the
> PermissionSecurityHandler.
> Related to this is the RdbmsPolicy class (name) which really hooks the
> PermissionManager into the Java security system.
> Although this class is call RdbmsPolicy, actually it has no ties to the
> database at all, only to the PermissionManager.
> By providing an LDAP backend for the permissions, we can still use the
> RdbmsPolicy, nevermind its name :)
> But maybe we should rename it to JetspeedPolicy in the future for clarity.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
