What about using JAAS and container based security. Many of the other portal vendors are going that way including BEA and IBM.
The idea of getting rid of the pre-defined schema would be great and if implemented correctly would still be able handle the small users too. If JAAS isn't used then generic LDAP and SQL query modules in which the sysadmin can customize the query would be great. I have attached a screenshot of a SQL based example from a security product we use. boyd > -----Original Message----- > From: David Sean Taylor [mailto:[EMAIL PROTECTED] > Sent: Wednesday, May 28, 2003 6:46 PM > To: Jetspeed Users List > Subject: Re: JetSpeed 2: Turbine or Struts? > > > > On Wednesday, May 28, 2003, at 02:49 PM, Jeff Linwood wrote: > > > Is the security model expected to change between 1.4 and 2.0? > > > > Jeff > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: > [EMAIL PROTECTED] > > > > > > > Well I for one like most of the security model in Jetspeed. > So I'd like to keep it in > > One thing I'd like to get rid of is direct coupling to a pre-defined > schema, i.e. TURBINE_USER, but then again, > we have to consider the needs of other users, who like a portal that > works out of the box with a simple database behind. > I know from my experience, the corporate users need separation of > authentication, single-sign-on, ldap support. > But I don't want to forget the open source users who use Jetspeed to > run smaller sites with minimal configuration > > The portlet API gives us mappable user attributes per portal > application,which will be very useful > I think we should provide a default portal application out of the box > using predefined schemas > > -- > David Sean Taylor > Bluesunrise Software > [EMAIL PROTECTED] > +01 707 773-4646 > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
