Aaron Evans wrote:
I have seen some discussions floating about lately regarding AJAX and
J2 and I have also checked out the documentation at:
http://portals.apache.org/jetspeed-2/guides/guide-ajax-api.html
However, my specific use case falls outside of portal/portlet
administration. What I am looking to do is to use AJAX to fetch data
in XML format from a service within my application to include on the
fly within portlet content for a variety of purposes.
I am wondering if the AJAX capabilities of J2 can assist with this.
At the moment, I believe the answer is more or less no (unless the XML
comes from the output of a portlet rendering).
The Jetspeed AJAX API is an API for controlling Jetspeed with AJAX
The MVC framework of actions and views that implements the server side
of the Jetspeed Ajax API could easily be used in your portlet app
without too much effort. Just remember to secure access to the actions
If you look at Jetspeed Desktop we are are retrieving portlet context
over the portlet pipeline. Javascript is controlling the rendering, and
making a request over the portlet pipeline. (This is still very much
under development. Please dont log bugs against this feature!)
you can view the Jetspeed Desktop on any page in the system
Replace /jetspeed/portal with /jetspeed/desktop
At this point, my approach will be to use a servlet within my
application and by-pass the the portal. The servlet (or some part of
the webapp outside of the realm of portlets) will then have to manage
security for the requests for the data. This should be simple enough
by using SSO. And this is all fine, I really don't mind doing it this
way.
Yup, I've done the same thing, but I did re-use the Jetspeed Action
API's little MVC framework because, well it works very well.
The part I do not like about this approach is static security defs in
the web.xml. Prefer to use Jetspeed's security permissions to handle
this by extending the JetspeedPermission class with a new
ActionActionPermission.
However, I feel that it would be very useful to be able to provide
access to such a service through the portal (ie via the Ajax API) and
be able to use the same kind of security constraints that are commonly
placed on pages and fragments (plus then SSO wouldn't be required).
I should probably read all the paragraphs before responding :)
I think its a good idea. Then we dont have to build infrastructure into
our portlet applications, write a new servlet, etc..
If Jetspeed could be the secure gate keeper, and then delegate to
'actions' in portlet apps to do the actions, I think that would be a
better solution than one servlet controller per portlet app
My service exists only to provide data to UI interfaces rendered by
portlets. Thus, defining a portlet to deliver it via the rendering of
XML content and then placing it in a hidden PSML page for that sole
purpose seems like overkill.
Yup, I agree
Perhaps there exists a simple way to accomplish this through Jetspeed
that I am unaware of. Otherwise, I suppose I am leaving this as more
of a suggestion perhaps for future functionality. If there are others
that have similar requirements, then it may be worth creating a JIRA
entry...
What do you think about a new feature where Jetspeed can execute secured
ajax actions in portlet applications. The actions would just be POJOs
like in the Jetspeed AJAX API, and we could secure the actions in the
security policy
--
David Sean Taylor
Bluesunrise Software
[EMAIL PROTECTED]
[office] +01 707 773-4646
[mobile] +01 707 529 9194
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
