Armando, Please search the archives of this list for tips... there have been plenty of them over the last year. Also, there are design docs in the SVN repo that include discussions on this topic. Refer to the Profiler, Page Manager, and Portal Site components.
HTH, Randy On Fri, 2006-02-17 at 10:20 -0500, Armando Arteaga wrote: > Thanks for the reply. I don't quite understand about profilers. I tried to > by reading http://portals.apache.org/jetspeed-2/guides/guide-profiler.html , > but it seems the informatioin here isn't complete and i don't understand > what's already there (lil'pumpkin they call me XD). Can anyone tell me > where to find a good example about what does profiling exactly do, > description of all the posible rules and how to configure it? > > On 2/16/06, David Sean Taylor <[EMAIL PROTECTED]> wrote: > > > > Armando Arteaga wrote: > > > Hi: > > > I have a problem with the security-constraints of Jetspeed2. I'm > > testing > > > the deploy that comes with the installation package. First of all, i've > > > looked everywhere in j2-admin portlets and there doesn't seem to exist a > > > constraint manager per portlet like there was in jetspeed 1.x. Also I > > think > > > there's no way to view the user pages with the manager or admin > > users. The > > > folder.metadata in the user folder declares the security constraints as > > > follow: > > > > > > <security-constraints> > > > <owner>user</owner> > > > <security-constraints-ref>manager</security-constraints-ref> > > > </security-constraints> > > > > > > and the page.security of the portal defines the manager ref as: > > > <security-constraints-def name="manager"> > > > <security-constraint> > > > <roles>manager</roles> > > > <permissions>view</permissions> > > > </security-constraint> > > > </security-constraints-def> > > > > > > I'm making the assumption that this means the 'admin'/'manager' user > > (they > > > have the 'manager' role assigned to them) could at least view the pages > > > contained here, but when i'm logged in with this users and i try to view > > > these pages with the link provided by the Portal Site Detail Portlet it > > just > > > redirects me to the previous page i was before entering the > > Administrative > > > Portlets. Is this the way it is supposed to work? > > > > > Yes > > > > ALSO want to point out that the Portlet Selector will filter out > > portlets based on the permissions in the Jetspeed Security Policy. > > Thus you can only add portlets that you have access to. > > Its been debated whether we should also make this check during > > rendering, probably she be optional. > > > > Im working on an XML version of the permissions for import/export, but > > for now the only way to edit this policy is to edit the database > > scripts. For example, this permission secures ALL the j2-admin portlets: > > > > INSERT INTO SECURITY_PERMISSION > > VALUES(100,'org.apache.jetspeed.security.PortletPermission > > ','j2-admin::*','view, > > edit','2004-05-22 16:27:12.572','2004-05-22 16:27:12.572'); > > INSERT INTO PRINCIPAL_PERMISSION VALUES(6,100); > > > > Future version will support editing of these permissions via the > > j2-admin portlets > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
