Hi Gabriel,
Hi Scott,
This is because the default Jetspeed security implementation is still attached at the hip to turbine. So, there are some remnants of that association that still remain.
If I uderstand the groups are used only to keep some Compatibility
with Turbine?.
Groups can be "morphed" into Realms or Virtual Hosts in the future evolution of Jetspeed, as HTTP has a Security model not completely compatible with java.security.* or JAAS (J2EE security). (This is just a hypothesis, don't trust on it).
The default is using the underlying turbine security.
I may not have understood this question, but there is no association between the two.
Excuse me the question was truncate:
Why the groups doesn't <works> like the groups in the tomcat
administration tools?.
group in turbine means "a group of resources/pages" nor "a group of users". It is more like a HTTP Realm.
This happens when you look at the system from both sides: the Tool Designer will see "groups of pages needing different levels of protection", while the Application Designer or Admin will see "groups of people with common access". This is why names are so dangerous.
Actually the tomcat groups can be mapped as turbine roles, i.e. sets of permissions. Users with the same role in the same turbine group will have the same permissions. There is no way in Turbine-2 to express "groups of users", but you can do the trick if you use a different ROLE for each GROUP_OF_USERS, since changing the permissions of the ROLE will affect all the users having it. Again a user BELONGING to several roles will have the sum of the permissions on those roles.
*And* what you would call ROLE in tomcat is really PERMISSION in turbine. Since the only possible authorization in tomcat comes from the isUserInRole() call. (So you can think of permission VIEW in Jetspeed as role pageviewer in tomcat, etc.)
Funny, isn't it? Don't play much with it, as I guess Jetspeed-2 Security will have to change a lot to be J2EE compatible in the near future.
Yes there is no association between the two. The notion of group is diff�rent between tomcat and jetspeed and that's surprising.
Given the response I got when I asked for java.security.Principal, it is not that surprising:
Request: GET /java.security.Principal
http://www.mail-archive.com/[EMAIL PROTECTED]/msg05244.html
Response: (404 NOT_AVAILABLE_HERE)
http://www.mail-archive.com/[EMAIL PROTECTED]/msg05250.html
;-) (Notice the response comes from the main developer in Turbine-2, for those who don't know)
thank you for your response.
I hope I clarify.
Regards,
Santiago
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
