Hi Mike,
I tried to evaluate that before, but I got confused with the Jetspeed security schema so thought of implementing my own SPI.
There are some concepts that I dont understand with the Jetspeed2 security schema. If you can spare some time and clear my doubts, that would really help me.
I dont understand the concept of "full_path" column on security_principal table. It looks like that column would logically fit to the "user_name" concept ?? ...
Honestly speaking, I would think that my security model is very generic simple model so if JAAS is generic enough, and Jetspeed implements JAAS, I should be simply able to map my model somehow to JAAS model.
If you think you can help me a little bit, here are the tables I have -
user (probably can be broken into security_principal and security_credentials tables)
permissions
roles
groups
role_permission
group_role
user_group
Another thing that slightly confuses me is that on jetspeed schema, user is linked to role, group as well as group and role have a cross-reference too.
Thanks, Amit
----Original Message Follows---- From: mike long <[EMAIL PROTECTED]> Reply-To: "Jetspeed Users List" <jetspeed-user@jakarta.apache.org> To: Jetspeed Users List <jetspeed-user@jakarta.apache.org> Subject: Re: Database Related Question Date: Fri, 04 Feb 2005 13:27:08 -0500
Shah Amit wrote:
Before you try implementing the interfaces you should rule out the possibility that you can re-map the existing schema to your tables. Have you done that? Such would require no change to any Jetspeed code.Hi Mike and David,
Thanks for your guidance.
I read a couple of tutorials on JAAS and I think I kindaa get the idea. I am now going thru all the SPI interfaces and trying to judge what I would be implementing and what not (probably leave MessageDigestCredentialPasswordEncoder alone).
I think I will have to implement the SecurityAccess.java interface and make it point to my DB instead of the jetspeed provided implementation ?? ... (Apart from couple of others that I might need)
I know its too much to ask, but if you have like a block diagram or some sort of diagram or something like that explaining how these interfaces interact, that would be really great.
Once again, appreciate your help Amit ----Original Message Follows---- From: David Sean Taylor <[EMAIL PROTECTED]> Reply-To: "Jetspeed Users List" <jetspeed-user@jakarta.apache.org> To: Jetspeed Users List <jetspeed-user@jakarta.apache.org> Subject: Re: Database Related Question Date: Wed, 02 Feb 2005 13:07:04 -0800
mike long wrote:
I think David is saying that you should create implementations of the interfaces he references below. I am doing that to allow Jetspeed-2 to use an LDAP directory server instead of a relational database. My strategy has been to check out the Jetspeed-2 code from CVS and then write my own implementations of these classes and wire them in using the jetspeed-spring.xml, security.xml, and a couple other configuration files. A really good set of unit tests exists for the security components already that will tell you if your implementation of those interfaces is correct. You will have good assurance that your implementation is correct when all the component/security tests work. The tests should run out of the box hooked up to your custom implementations.
Your work will be easier than mine since you are only mapping the Jetspeed-2 security tables to your own. Since LDAP is not generally a transactional resource like a relational database, I am having difficulty because the existing suite of security tests is hardwired to use SQL persistence. That said, the work for you is still considerable. I would suggest reading up on Maven, all the tutorials on JAAS, and then the Spring reference manual. The later will show you how to wire the application together using your own security implementations.
I setup a new set of a maven project and basic skeletons for the services like this in a few minutes (but yes, I ve done it before).
Integration with the unit tests will take more time and thought.
But yes, if you are new to Spring and Maven and J2, its going to take more time. The lack of docs doesn't help:
http://portals.apache.org/jetspeed-2/spi.html
I still need to review your LDAP code. Sorry I haven't got to that yet.
-- David Sean Taylor Bluesunrise Software [EMAIL PROTECTED] [office] +01 707 773-4646 [mobile] +01 707 529 9194
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
