Hi Mark, I've made some tests and I've got some questions on JetSpeedSecurity.prop.
To make my tests, I've created a simple portlet with no security-ref tag inside. I have changed the default settings as follow services.JetspeedSecurity.permission.default.anonymous=view, minimize, maximize services.JetspeedSecurity.actions.anon.disable=false With these two options, an unlogged user (anon) should be able only to view, minimize and maximize my simple portlet, because no permissions are defined by default to the portlet (I think) but really he see all the actions available (customize, close, maximize and so on). The same thing happens by default to panels customize buttons... It seems that the default.anonymous entry is not read at all. How can I use these two options to make available by default view, minimize and maximize options to the anon visitor? Thanks, Dariush. -----Messaggio originale----- Da: Mark Orciuch [mailto:[EMAIL PROTECTED]] Inviato: gioved� 26 settembre 2002 22.32 A: Jetspeed Users List Oggetto: RE: Role for the unlogged user, othr questions Dariush, According to this http://www.mail-archive.com/[email protected]/msg04847.html, the role-based permissions are maintained for backward compatibility. I can't confirm that by examining RegistryAccessController class so my conclusion is that it does not work anymore and you have to use the security references. Best regards, Mark C. Orciuch Next Generation Solutions, Ltd. e-Mail: [EMAIL PROTECTED] web: http://www.ngsltd.com > -----Original Message----- > From: Dariush Behboudi [mailto:[EMAIL PROTECTED]] > Sent: Thursday, September 26, 2002 11:00 AM > To: Jetspeed Users List > Subject: Role for the unlogged user, othr questions > > > Another question: I'm trying also to change role permissions using the > 'Security role browser', but nothing seems to change accessing portlets > using modifing role permissions (maybe am I making a mistake?). > > I would prefer to use role-based permissions (defined in the security role > browser) instead of configuring security-regs. > > What do you think about that? > > Thanks, Dariush. > > > Hi everyone, > I need to make possibile for the unregistered users (not logged) to view, > minimize and maximize portlets. > To make this possible I created a new security entry for the 'guest' role, > as follow: > > <security-entry name="guestPerms"> > <meta-info> > <title>guestPerms</title> > <description>guestPerms</description> > </meta-info> > <access action="view"> > <allow-if role="guest"/> > </access> > <access action="maximize"> > <allow-if role="guest"/> > </access> > <access action="minimize"> > <allow-if role="guest"/> > </access> > </security-entry> > > I assigned to a portlet this security Perm, but accessing to the related > pane as visitor (not logged), I'm not able to maximize and minimize, but > only to view the portlet. > > Logging as 'anon' the security-entry is executed correctly. > > Thus, my question is: what's the default role assigned to an > unlogged user? > I belived that accessing jetspeed as a visitor was the same than > logging on > with 'anon' user, but my test demostrates that itsn't so. > > Regards, Dariush. > > > > -- > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
