David, See below. David wrote:
> Hi, > > I'm trying to get a good understanding of the new security model. > I've read the security proposal (several times) and I've been > perusing the configuration files. There are a couple of things I'm > not clear on. These are the things that are obvious to me. > > 1) there is a many-to-many relationship between users and roles Yes, although this is dictated by the implementation. In the case of the implementation distributed with Jetspeed, their is many-to-many relationship between users and roles. > > 2) there is a many-to-many relationship between roles and permissions Yes, although this is dictated by the PortalAuthentication implementation. In the case of the registry implementation distributed with with Jetspeed, their is many-to-many relationship between roles and actions. For a security reference, you can define actions based on roles and users. > > But I'm not clear on what is the definition of a "Security ID"? How > is it really different from a role? A security ID, also called called a security reference, describes allowable actions for specific users and roles. See the "default" security entry in security.xreg for an example of a security-entry that grants different actions based on and role. > Also, what is the difference > between actions and permissions. It seems like they are the same > thing. Yes, action and permissions are the same. > And is it true that groups are not implemented with this > new security model? Not completely true, although I do now know the complete answer to this question. > > Thanks > > -Dave > > Paul Spencer -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
