Hi All,
Below is a proposal for a Jetspeed Profiler Service.
It is not final and your input is welcome.
David
============================
Jetspeed Profiler Proposal
============================
The ProfilerService is a service to abstract the management and mapping of
profile resources, also known now as Portal Markup Resources (PSML). The
Profiler maps a request for a profile to a profile resource. Since each
implementation of a profiler will be different, we are providing the
interfaces to the service, and we will also provide a default
implementation.
The default implementation has a profiling policy defined in this proposal
based on resource-specific URLs, Mime-Types and language preferences. More
complex implementations will need to use other inputs in mapping to
resources such as Cookies, IP Address Ranges, Statistical Resource Usage
Analysis, Business Rules inside of servlets or EJBs,...
Each ProfilerService will store its profiles in whatever datastore best fits
the needs of its application, perhaps in LDAP servers, WebDAV, relational
or object databases. The default service persists to the file system, using
the existing implementation of PSML files with some changes to the directory
layout.
The default implementation is meant to be useful for many installations. It
also provides base functionality which can be reused or extended by other
implementations.
The ProfilerService is a Turbine service.
===================================
The Default Implementation
===================================
The default service uses Turbine Security to control access to user, group
and role resources. It makes use of the new Turbine security. The Rundata
now has an ACL member, which is used to check for users having access to
groups and roles. Optionally, this security checking can be configured to be
turned off.
The basic mapping provided by the default provider:
Resource URL Profile Path --------------->
Request Language Preferences -----------> Profiler ----------> Actual
Profile Resource
Request Mime Types ------------------->
A resource is identified in a request by a Resource URL. This URL is made up
of the base part of the URL which addresses the server, along with a
Profile Path portion. The profiler looks at the path, which provides
addressing for the user, group, role, media type, and localization which is
used to map to the actual resource.
----------------------
Capability Map
----------------------
The media type is determined by the CapabilityMap service.
The CapabilityMap determines the media type from the HTTP headers.
This media type is then passed to the Profiler to be used in mapping the
request to a particular PSML resource.
The CapabilityMap is planned to eventually support W3 CC/PP RDF
descriptions - see http://www.w3.org/TR/NOTE-CCPP/.
----------------------
Users, Groups and Roles
----------------------
Groups allow for resources to be shared by users.
A typical use-case is a common portal page for Human Resources.
Instead of designing a HR markup for every employee in the company, they
only design a markup for the organizations (groups) in the company i.e.
Finance, Accounting, Marketing.
Secure access to groups and roles is controlled by the ProfilerService.
Since Jetspeed does not yet have a security service in place, it is up to
the ProfilerService to make use of
a security service. The Profiler service queries the security service to
verify that a user has access to the group and role resources.
The default implementation uses Turbine security.
Like groups, roles allow for resources to be shared by users. We are
providing support for both roles and groups
since some implementations may use group-based security, while others may
use role-based security.
Groups and role resources may be specified in the resource URL.
Alternatively, they can be automatically used when the group or role prefix
is not specified. The Profiler will make use of the first matching group or
role resource that a user has read access to.
-----------------
Resource Names
-----------------
The Profiler expects to have a default resource for every user.
To use the default resource, you don't need to specify a resource name in
the resource URL path. The default resource name is set in the Profiler
configuration.
In order to specify a resource other than the default markup for a user,
resource names are specified in the Resource URL Path. To specify a
non-default resource, the first part of a resource path must be the keyword
'portal'. This tells Jetspeed that the request is for a portal markup
resource.
Next, the resource name can be specified. This name simply identifies the
resource that the user is requesting. The resource is specified in the URL.
An example of a 'BenefitsPage' resource would be:
http://host/servlet/jetspeed/portal/BenefitsPage
When no name or path is specified, the default resource is used for the
current user. The resource name can also have an extension. If it is
omitted, the default is to append a configurable extension (PSML).
Resources names may also be prefixed. This proposal suggests three prefixes:
/user/ - Specifies that the request can only be satisfied by a user
resource. An example would be /portal/user/BenefitsPage, meaning that we are
requesting the BenefitsPage, but only for the current user. Specifying the
name of the user is not allowed, only the authenticated username is applied.
/role/<RoleName> - Specifies that the request can only be satisfied by a
common role resource . An example would be
/portal/role/Accountant/FinancePage, meaning that we are requesting the
FinancePage, and it is the Finance page for the Accountant role. It will be
up to the Profiler implementation to determine if the user is authorized to
assume this role. The Security service, whether it is Turbine Security or
other, should hold the controlling access information.
/group/<groupName> - Specifies that the request can only be satisfied by a
common group resource. An example would be
/portal/group/Finance/BenefitsPage, meaning that we are requesting the
BenefitsPage, and it is the Benefits page for the group 'Finance'. It will
be up to the Profiler implementation to determine if the user is a member of
this group. The Security service, whether it be Turbine Security or other,
should hold this mapping.
When a prefix is not specified, the resource is resolved by first looking
for a user resource, then a group resource, and finally a role resource.
Only groups and roles that the user has read acess priveleges will be
considered.
-------------------------------
Localized Resources
--------------------------------
Resource names can optionally be localized. This is done by suffixing the
resource name. The suffix is made up of a required ISO-639 standard
two-character language abbreviation, and an optional IS0-3166 standard
two-character country code abbreviation.
The suffix is of the format:
_lc_cc
where:
lc = language code
cc = country code
Some examples
groups/accounting/html/default_fr_FR.psml // french language, France
groups/accounting/html/default_fr.psml // french language, any country
For a given locale of fr_FR, the search order for the default accounting
resource would be:
groups/accounting/html/default_fr_FR.psml
groups/accounting/html/default_fr.psml
groups/accounting/html/default.psml
The profiler will look at the "Content Language" HTML header for locale
specific settings. If there are multiple settings, all settings will be
searched until the first resource is found.
Localization can be configured in the JetspeedResources.properties file.
You can configure a default language. This language will be considered the
default language and no prefix will be necessary for their resources.
# only french belgium
profiler.language.default=fr_BE
# default language any spanish
profiler.language.default=es
# all resources must be suffixed
profiler.language.default=
To turn on/off all localization checking:
profiler.default=true/false
For a complete list of ISO-639 standard language abbreviations, see:
http://www.ics.uci.edu/pub/ietf/http/related/iso639.txt
For a complete list of ISO-3166 standard country code abbreviations, see:
http://userpage.chemie.fu-berlin.de/diverse/doc/ISO_3166.html
-------------------------------
Device Explicit Resource Names
--------------------------------
Optionally, names can include the media type explicitly.
http://host/servlet/jetspeed/portal/media-type/html/user/BenefitsPage
In this case, the 'media-type' prefix must follow the portal prefix, and
then the actual media type is specified. The above example explicitly asks
for the html resource for the BenefitsPage, and explicitly for the current
user. First the profiler will look for the media type in the resource name.
If it is not specified there, it will then query the CapabilityMap.
-------------------------------
Default Media-Type and Fallback
--------------------------------
If a request is for a given media type, and the resource is not found for
the given media type, then the profiler will fallback to a default resource
if available. This default resource is assumed to work for all media types
without a specific resource. The default media type resource should be
placed in the root directory for a given user, role or group.
-------------------------------
Anonymous Access and Profiles
--------------------------------
The default resource shown to anonymous logons is configured with
profiler.anon.directory setting. A device specific path could be set here,
but probably should not so that Jetspeed can autodectect the media type.
# Directory used for anonymous access
profiler.anon.directory=/user/default/
The actual resource displayed is then dependent on media type, language, and
the default resource markup filename.
Profiles available to anonymous users are configured with:
profiler.anon.profiles=/role/TennisNewUserProfile
profiler.anon.profiles=/role/RugbyNewUserProfile
profiler.anon.profiles=/role/BadmintonNewUserProfile
These are not used directly by the default profiler, but could be used by
applications to provide choices of profiles available to anonymous users.
The roles must actually have their security setup correctly to work, meaning
that access should be given to 'everyone' on these roles.
-------------------------------
Authorized Profiles
--------------------------------
When a user first signs up, they could be given a choice of profiles
available authorized users. This services can be configured as:
profiler.authorized.profiles=/role/engineer/
profiler.authorized.profiles=/group/accounting/
--------------------------------
Cookie-based Anonymous Sessions
--------------------------------
Cookies are used to automatically remember an unauthorized user's last
profile The cookie would remember which 'anon' role it used last. This
provides access for unauthorized users to other resources besides the
default.
--------------------------------
Cookie-based Authorized Sessions
--------------------------------
Cookies are used to automatically logon an authorized user and remember the
default profile for the authorized user.
--------------------
Profiler Registry
--------------------
The Profile Registry in the jcfg file would be deprecated.
-----------
Profile
----------
PSML resource are materialised as a 'Profile' object.
It would be interesting if the Profile's contents (Controls, Controllers,
Portlets) were also first-class persistence-capable objects, so that
Customizers could store changes to one portlet ref instead of re-writing the
entire psml tree. At this point in time, the Profile will simply be a
wrapper around the existing implementation along with some new accessors.
-----------------------------------
Turbine Resources Configuration
-----------------------------------
The Profiler Service must be implemented as a Turbine service.
The Profiler Service is configured in the JetspeedResources.properties file:
# Profiler used for assigning the�PSML URL to use for each request
profiler.default.classname=org.apache.jetspeed.services.profiler.JetspeedPro
filer
-----------------------------------
Jetspeed Resources Configuration
-----------------------------------
# Base URL for fetching user configuration files
# for use with the default profiler
profiler.base.url=/content/profiles/
# Directory used for anonymous access
profiler.anon.dir=/user/default/
# default markup file
profiler.default.markup=default
# default markup file per user
profiler.default.ext=psml
# default markup file per user
profiler.security=true/false
# only french belgium
profiler.language.default=fr_BE
# default language any spanish
profiler.language.default=es
# all resources must be suffixed
profiler.language.default=
To turn on/off all localization checking:
profiler.default=true/false
profiler.anon.profiles=
profiler.authorized.profiles=
----------------
Directory Layout
-----------------
All resources are defined as relative to the root (profiler.base.url).
Markup files are organized in directories under the root. There are three
subpaths under the root:
Root
| --- / user
| --- / role
| --- / group
Under the /user subtree, are the directories for all users and likewise for
roles and groups:
user
| --- / raul
| --- / steve
| --- / luis
role
| --- / engineer
| --- / accountant
| --- / supervisor
group
| --- / finance
| --- / marketing
| --- / accounting
Under each of these subtrees, there is one directory for each media type.
Media types are capable of supporting one or more mime types.
For instance, both "text/html" and "text/dhtml" could map to the the same
media type. But they also may not. This mapping is controlled in the Portlet
Registry (JetspeedConfig.jcfg) with the CapabilityMapRegistry.
In the example below, both mime types map to the same media type.
<capability-map-registry>
<capability-map-entry name="html">
<mime-type>text/html</mime-type>
</capability-map-entry>
<capability-map-entry name="html">
<mime-type>text/dhtml</mime-type>
</capability-map-entry>
Media types are defined in the media type registry.
<media-type-registry>
<media-type-entry name="html">
<capability-map ref="html"/>
<meta-info>
<title>HTML</title>
</meta-info>
</media-type-entry>
----------
Examples
----------
Here is an example tree:
{root}
users
{default}
default.psml // fallback: can be used as crossdevice media
html
default.psml
raul
html
default.psml
page1.psml
wml
default.psml
steve
default.psml // fallback: can be used as crossdevice media
html
default.psml
groups
accounting
html
default.psml
page1.psml
wml
default.psml
marketing
html
default.psml
An incoming request from an html browser of:
http://server/servlet/jetspeed
would map to the resource path:
{root}/user/{current-user}/html/default.psml
An incoming request from an html browser of:
http://server/servlet/jetspeed/portal/group/sales/SalesCenter
would map to the resource path:
{root}/group/sales/html/SalesCenter.psml
An incoming request from a wml browser of:
http://server/servlet/jetspeed/portal/role/programmer/JavaCenter
would map to the resource path:
{root}/role/programmer/wml/JavaCenter.psml
An incoming request from a wml browser of for user 'raul':
http://server/servlet/jetspeed/portal/MySportsPortal
would map to the resource path:
{root}/user/raul/wml/MySportsPage.psml
and if that failed, it would try again for the user's groups and roles.
it may find a page such as:
{root}/role/footballfan/wml/MySportsPage.psml
-------------------------
Modifications to the Code
-------------------------
The JetspeedProfilerService will be implemented in the
org.apache.jetspeed.services.profiler package.
The ProfilerService interface will be placed in the
org.apache.jetspeed.services.profiler package.
The Profile interface will be place in the org.apache.jetspeed.om.profiler
The JetspeedProfile class will be implemented and placed in the
org.apache.jetspeed.om.profiler package
The interception of requests will only occur in
org.apache.jetspeed.turbine.screens.Home.java
Home.java will need to be modified.
This is under the assumption that there is only one entry point into
Jetspeed markup generation.
The package org.apache.jetspeed.profiler will be removed.
All import statements to this package will be replaced with imports to the
service.
A few new string resources will be adaded to JetspeedResources.java
------------------------------
Modifications to Configuration
------------------------------
The 'psml' directory will be removed.
A new directory under 'content' will be added, 'profiles'.
It will have the structure as shown in the default implementation above.
The JetspeedResources.Properties will be modified to add the configuration
settings described above.
Add the profiler service to the TurbineResources.Properties.
====================
Interfaces
====================
All profiler services must implement the ProfilerService interface.
The Profile interface defines a profile instance.
A Profile is the object representation of a Jetspeed PSML resource.
interface ProfilerService extends Service
{
/*
initialize the profiler service
the profiler service is implemented as a turbine service
*/
init();
/*
get the Profile object using the Rundata state and capability map
this is the mapping functionality of the profiler
*/
Profile getProfile(Rundata, CapabilityMap );
/*
get the base URL for the profile registry
*/
String getBaseURL();
/*
get the default resource name
*/
String getDefaultResourceName();
/*
is security enabled
*/
boolean isSecurityEnabled();
getAuthorizedProfiles();
getAnonymousProfiles();
/*
store cookie in response to the current resource
*/
storeCookie();
}
interface Profile
{
/**
* Gets a PortletSet for this profile object.
*
* @return The root portlet set for this profile.
*/
PortletSet getPortletSet(); // get the portlet set for this profile
/*
stores the resource by merging and rewriting the psml file
*/
void store()
/*
accessors to new functionality - this may be default imp. specific....
*/
String getUser();
String getGroup();
String getRole();
String getResourceName();
String getResourcePath();
String getMediaType();
String getLanguageCode();
String getCountryCode();
}
==============================
Future Directions
==============================
- Full support of W3 CC/PP RDF descriptions
- Mapping IP address ranges to Groups. This would require a table, either in
the database or a simple text file.
- Dynamic profiling based on usage statistics
- The Profile's content generation based on runtime criteria, not static
psml files
--
--------------------------------------------------------------
Please read the FAQ! <http://java.apache.org/faq/>
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Archives and Other: <http://marc.theaimsgroup.com/?l=jetspeed>
Problems?: [EMAIL PROTECTED]
