We did some work on the Jetspeed security features a while back: - added role-based security for registry entries - security maintenance portlets for users, roles, groups - permission checks to access portlets
One thing I personally find outstanding is that we could add better secured access to psml pages. Others on the list have had proposals about how security 'should' work, but its often difficult to find a consensus. The role-based security approach based on the turbine security model has some loopholes. I believe a better security model would be one like the one described in the security proposal by the SAP developers in the cvs under /proposals/0004.txt. (I just read that SAP bought TopTier - a commercial portal ) however the proposed security model would take a larger development effort. ----- Original Message ----- From: "ICM S Op Guest 5" <[EMAIL PROTECTED]> To: "Jetspeed Users List" <[EMAIL PROTECTED]> Sent: Wednesday, November 28, 2001 7:55 AM Subject: JS Groups-Roles-Permissions > Hi, > > is there anybody working on these? > Is there a scheme or a structure available which shows how this is planned/should be implemented for/into jetspeed? > > Andreas > > -- > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> > > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
