I have the same problem. I implemented the LoginModule interface and the authentication works fine. Now I want to implemets the permission manager on my role. Arun let me know which solutions you decide and share your idea.
Andrew -----Messaggio originale----- Da: Randy Watler [mailto:[EMAIL PROTECTED] Inviato: martedì 4 ottobre 2005 7.01 A: Jetspeed Users List Oggetto: Re: Setting up J2 security with existing user and permissions database. Arun: There have been plenty of threads on this list that have tackled the external authentication needs you have here. There are generally two integration approaches available: via Security APIs or SecurityValve replacement. There is a Java Permissions based security model for the PageManager. One can disable the existing constraints in the PSML and instead utilize the permissions managed in the J2 DB. See the J2 *.sql configuration files for example permissions. The PageManager can be configured to use the permissions in the WEB-INF/assembly/page-manager.xml spring configuration. I am not sure if there is an admin portlet for permissions yet... the PSML based security is far more popular at this point. HTH, Randy Arun wrote: >Hello folks, > >I would first like to congratulate the contributors to this project and >the forum for the wonderful work being done. We are in the process of >building a new portal and I want to use Jetspeed 2. I have a few >questions related to security and could not get all the answers from >current documentation. I really appreciate if someone can provide >pointers here. > >1. We already have users and roles set up in a database and would like >to authenticate portal users against this store. I want to write a new >LoginModule to accomplish this. I recollect seeing some issues being >raised about replacing the LoginModules. Is this the right approach or >is it recommended to extend the existing LoginModuleProxy. All the user >management activities are taken care by another workflow in place that >has to go through approvals. > >2. A list of available portlets and information about roles that can >access them are already available in a database. What is the right >approach to extend the permission management in Jetspeed to use this >data store. Should I write my own implementation similar to rdbms >policy ? The portal is envisioned to be deployed on multiple midtiers >with one database. I do not want to use PSML page security where >folders are created on the filesystem for roles and users. However, >admin should be able to create new tabs and set up access permissions >to it based on roles. Can I achieve this without writing my own >security valve in J2. > >Thanks in advance. >Arun > >--------------------------------------------------------------------- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] > > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
