At 20:15 2000-11-29, David Sean Taylor wrote:
>Hi All,
>
>I've updated the profiler proposal with your suggestions, thank you all very
>much.
>Now I need to implement this thing :)
>In order to do so, I am asking your permission for CVS write access.
I'm +1 on giving David CVS write access.
ingo.
>David
>
>----------------------------------------------------------------------------
>---------
>
>============================
>Jetspeed Profiler Proposal
>============================
>
>The ProfilerService is a service to abstract the management and mapping of
>profile resources, also known now as Portal Markup Resources (PSML). The
>Profiler maps a request for a profile to a profile resource. Since each
>implementation of a profiler will be different, we are providing the
>interfaces to the service, and we will also provide a default
>implementation.
>
>The default implementation has a profiling policy defined in this proposal
>based on resource-specific URLs, Mime-Types and language preferences. More
>complex implementations will need to use other inputs in mapping to
>resources such as Cookies, IP Address Ranges, Statistical Resource Usage
>Analysis, Business Rules inside of servlets or EJBs,...
>
>Each ProfilerService will store its profiles in whatever datastore best fits
>the needs of its application, perhaps in LDAP servers, WebDAV, relational
>or object databases. The default service persists to the file system, using
>the existing implementation of PSML files with some changes to the directory
>layout.
>
>The default implementation is meant to be useful for many installations. It
>also provides base functionality which can be reused or extended by other
>implementations.
>
>The ProfilerService is a Turbine service.
>
>
>===================================
>The Default Implementation
>===================================
>
>The default service uses Turbine Security to control access to user, group
>and role resources. It makes use of the new Turbine security. The Rundata
>now has an ACL member, which is used to check for users having access to
>groups and roles. Optionally, this security checking can be configured to be
>turned off.
>
>The basic mapping provided by the default provider:
>
>Resource URL Profile Path --------------->
>Request Language Preferences -----------> Profiler ----------> Actual
>Profile Resource
>Request Mime Types ------------------->
>
>A resource is identified in a request by a Resource URL. This URL is made up
>of the base part of the URL which addresses the server, along with a
>Profile Path portion. The profiler looks at the path, which provides
>addressing for the user, group, role, media type, and localization which is
>used to map to the actual resource.
>
>
>----------------------
>Capability Map
>----------------------
>
>The media type is determined by the CapabilityMap service.
>The CapabilityMap determines the media type from the HTTP headers.
>This media type is then passed to the Profiler to be used in mapping the
>request to a particular PSML resource.
>The CapabilityMap is planned to eventually support W3 CC/PP RDF
>descriptions - see http://www.w3.org/TR/NOTE-CCPP/.
>
>
>----------------------
>Users, Groups and Roles
>----------------------
>
>Groups allow for resources to be shared by users.
>A typical use-case is a common portal page for Human Resources.
>Instead of designing a HR markup for every employee in the company, they
>only design a markup for the organizations (groups) in the company i.e.
>Finance, Accounting, Marketing.
>
>Secure access to groups and roles is controlled by the ProfilerService.
>Since Jetspeed does not yet have a security service in place, it is up to
>the ProfilerService to make use of
>a security service. The Profiler service queries the security service to
>verify that a user has access to the group and role resources.
>
>The default implementation uses Turbine security.
>
>Like groups, roles allow for resources to be shared by users. We are
>providing support for both roles and groups
>since some implementations may use group-based security, while others may
>use role-based security.
>
>Groups and role resources may be specified in the resource URL.
>Alternatively, they can be automatically used when the group or role
>parameter is not specified. The Profiler will make use of the first matching
>group or role resource that a user has read access to.
>
>
>-----------------
>Resource Names
>-----------------
>
>The Profiler expects to have a default resource for every user.
>To use the default resource, you don't need to specify a resource name in
>the resource URL path. The default resource name is set in the Profiler
>configuration.
>
>In order to specify a resource other than the default markup for a user,
>resource names are specified in the Resource URL Path. To specify a
>non-default resource, a resource name must be specified in the path.
>
>Resource paths are specified using Turbine parameter pairs. Paths specified
>in this format are not order specific, but they do expect that every
>parameter is provided in a name/value consecutive pair in the URL path.
>
>To tell Jetspeed that the request is for a specific portal markup resource,
>use the 'profile' keyword as the name of the parameter, and then the actual
>resource name is specified in the value portion of the pair.
>
>This resource name simply identifies the resource that the user is
>requesting. An example of a 'BenefitsPage' resource would be:
>
>http://host/servlet/jetspeed/profile/BenefitsPage
>
>When no name or path is specified, the default resource is used for the
>current user. The resource name can also have an extension. If it is
>omitted, the default is to append a configurable extension (PSML).
>
>-----------------
>Parameters
>-----------------
>
>Here are the supported parameters in a resource path url:
>
>/profile/<ResourceName> - Specifies the name of the profiling resource.
>
>/role/<RoleName> - Specifies that the request can only be satisfied by a
>common role resource .
>An example would be /profile/FinancePage/role/Accountant/, meaning that we
>are requesting the FinancePage resource, and it is the Finance resource for
>the Accountant role. It will be up to the Profiler implementation to
>determine if the user is authorized to assume this role. The Security
>service, whether it is Turbine Security or other, should hold the
>controlling access information.
>
>/group/<groupName> - Specifies that the request can only be satisfied by a
>common group resource.
>An example would be /group/Finance/profile/BenefitsPage, meaning that we are
>requesting the BenefitsPage, and it is the Benefits page for the group
>'Finance'. It will be up to the Profiler implementation to determine if the
>user is a member of this group. The Security service, whether it be Turbine
>Security or other, should hold this mapping.
>
>/media-type/<mediaType> - To specifically request a mediatype in the
>request.
>
>/user/ - Specifies that the request can only be satisfied by a user
>resource. An example would be /profile/BenefitsPage/user/, meaning that we
>are requesting the BenefitsPage, but only for the current user. Specifying
>the name of the user is not allowed, only the authenticated username is
>applied. This format breaks the rules of Turbine name/value pairs in
>parameters. Thus, the 'user' keyword must be specified last in the resource
>path.
>
>
>When no user/group/role parameter is specified, the resource is resolved by
>first looking for a user resource, then a group resource, and finally a role
>resource. Only groups and roles that the user has read acess priveleges will
>be considered.
>
>-------------------------------
>Localized Resources
>--------------------------------
>
>Resources can optionally be localized.
>This is done by suffixing the resource name. The suffix is made up of a
>required ISO-639 standard two-character language abbreviation, and an
>optional IS0-3166 standard two-character country code abbreviation.
>
>The suffix is of the format:
>
>_lc_cc
>
>where:
>
> lc = language code
> cc = country code
>
>Some examples
>
>groups/accounting/html/default_fr_FR.psml // french language, France
>groups/accounting/html/default_fr.psml // french language, any country
>
>For a given locale of fr_FR, the search order for the default accounting
>resource would be:
>
>groups/accounting/html/default_fr_FR.psml
>groups/accounting/html/default_fr.psml
>groups/accounting/html/default.psml
>
>The profiler will look at the "Content Language" HTML header for locale
>specific settings. If there are multiple settings, all settings will be
>searched until the first resource is found.
>
>Localization can be configured in the JetspeedResources.properties file.
>
>You can configure a default language. This language will be considered the
>default language and no suffix will be necessary for their resources.
>
># only french belgium
>profiler.language.default=fr_BE
>
># default language any spanish
>profiler.language.default=es
>
># all resources must be suffixed
>profiler.language.default=
>
>To turn on/off all localization checking:
>profiler.default=true/false
>
>For a complete list of ISO-639 standard language abbreviations, see:
>http://www.ics.uci.edu/pub/ietf/http/related/iso639.txt
>
>For a complete list of ISO-3166 standard country code abbreviations, see:
>http://userpage.chemie.fu-berlin.de/diverse/doc/ISO_3166.html
>
>
>-------------------------------
>Device Explicit Resource Names
>--------------------------------
>
>Optionally, names can include the media type explicitly.
>
>http://host/servlet/jetspeed/profile/BenefitsPage/media-type/html/user/
>
>In this case, the 'media-type' parameter must be specified, and then the
>actual media type as the parameter value. The above example explicitly asks
>for the html resource for the BenefitsPage, and explicitly for the current
>user. First the profiler will look for the media type in the resource name.
>If it is not specified there, it will then query the CapabilityMap.
>
>
>-------------------------------
>Default Media-Type and Fallback
>--------------------------------
>
>If a request is for a given media type, and the resource is not found for
>the given media type, then the profiler will fallback to a default resource
>if available. This default resource is assumed to work for all media types
>without a specific resource. The default media type resource should be
>placed in the root directory for a given user, role or group.
>
>
>-------------------------------
>Anonymous Access and Profiles
>--------------------------------
>
>The default resource shown to anonymous logons is configured with
>profiler.anon.directory setting. A device specific path could be set here,
>but probably should not so that Jetspeed can autodectect the media type.
>
># Directory used for anonymous access
>profiler.anon.directory=/user/default/
>
>The actual resource displayed is then dependent on media type, language, and
>the default resource markup filename.
>
>Profiles available to anonymous users are configured with:
>
>profiler.anon.profiles=/role/TennisNewUserProfile
>profiler.anon.profiles=/role/RugbyNewUserProfile
>profiler.anon.profiles=/role/BadmintonNewUserProfile
>
>These are not used directly by the default profiler, but could be used by
>applications to provide choices of profiles available to anonymous users.
>The roles must actually have their security setup correctly to work, meaning
>that access should be given to 'everyone' on these roles.
>
>-------------------------------
>Authorized Profiles
>--------------------------------
>When a user first signs up, they could be given a choice of profiles
>available authorized users. This services can be configured as:
>
>profiler.authorized.profiles=/role/engineer/
>profiler.authorized.profiles=/group/accounting/
>
>--------------------------------
>Cookie-based Anonymous Sessions
>--------------------------------
>Cookies are used to automatically remember an unauthorized user's last
>profile The cookie would remember which 'anon' role it used last. This
>provides access for unauthorized users to other resources besides the
>default.
>
>--------------------------------
>Cookie-based Authorized Sessions
>--------------------------------
>Cookies are used to automatically logon an authorized user and remember the
>default profile for the authorized user.
>
>
>--------
>Profile
>--------
>
>PSML resource are materialised as a 'Profile' object.
>It would be interesting if the Profile's contents (Controls, Controllers,
>Portlets) were also first-class persistence-capable objects, so that
>Customizers could store changes to one portlet ref instead of re-writing the
>entire psml tree. At this point in time, the Profile will simply be a
>wrapper around the existing implementation along with some new accessors.
>
>-----------------------------------
>Jetspeed Resources Configuration
>-----------------------------------
>
># The Profiler Service is implemented as a Turbine service.
>services.Profiler.classname=org.apache.jetspeed.services.profiler.JetspeedPr
>ofilerService
>
># Base URL for fetching user configuration files
># for use with the default profiler
>profiler.base.url=/profiles/
>
># Directory used for anonymous access
>profiler.anon.dir=/profiles/user/default/
>
># default markup file
>profiler.default.markup=default
>
># default markup file per user
>profiler.default.ext=psml
>
># default markup file per user
>profiler.security=true/false
>
># only french belgium
>profiler.language.default=fr_BE
>
># default language any spanish
>profiler.language.default=es
>
># all resources must be suffixed
>profiler.language.default=
>
>To turn on/off all localization checking:
>profiler.default=true/false
>
>profiler.anon.profiles=
>profiler.authorized.profiles=
>
>----------------
>Directory Layout
>-----------------
>
>All resources are defined as relative to the root (profiler.base.url).
>
>Markup files are organized in directories under the root. There are three
>subpaths under the root:
>
>Root
> | --- / user
> | --- / role
> | --- / group
>
>Under the /user subtree, are the directories for all users and likewise for
>roles and groups:
>
>user
> | --- / raul
> | --- / steve
> | --- / luis
>
>role
> | --- / engineer
> | --- / accountant
> | --- / supervisor
>
>group
> | --- / finance
> | --- / marketing
> | --- / accounting
>
>
>Under each of these subtrees, there is one directory for each media type.
>Media types are capable of supporting one or more mime types.
>For instance, both "text/html" and "text/dhtml" could map to the the same
>media type. But they also may not. This mapping is controlled in the Portlet
>Registry (JetspeedConfig.jcfg) with the CapabilityMapRegistry.
>
>In the example below, both mime types map to the same media type.
>
> <capability-map-registry>
> <capability-map-entry name="html">
> <mime-type>text/html</mime-type>
> </capability-map-entry>
>
> <capability-map-entry name="html">
> <mime-type>text/dhtml</mime-type>
> </capability-map-entry>
>
>Media types are defined in the media type registry.
>
> <media-type-registry>
>
> <media-type-entry name="html">
> <capability-map ref="html"/>
> <meta-info>
> <title>HTML</title>
> </meta-info>
> </media-type-entry>
>
>
>----------
>Examples
>----------
>
>Here is an example tree:
>
>{root}
> users
> {default}
> default.psml // fallback: can be used as
> crossdevice media
> html
> default.psml
> raul
> html
> default.psml
> page1.psml
> wml
> default.psml
> steve
> default.psml // fallback: can be used as
> crossdevice media
> html
> default.psml
> groups
> accounting
> html
> default.psml
> page1.psml
> wml
> default.psml
> marketing
> html
> default.psml
>
>An incoming request from an html browser of:
>
> http://server/servlet/jetspeed
>
>would map to the resource path:
>
> {root}/user/{current-user}/html/default.psml
>
>An incoming request from an html browser of:
>
> http://server/servlet/jetspeed/group/sales/profile/SalesCenter
>
>would map to the resource path:
>
> {root}/group/sales/html/SalesCenter.psml
>
>An incoming request from a wml browser of:
>
> http://server/servlet/jetspeed/profile/JavaCenter/role/programmer/
>
>would map to the resource path:
>
> {root}/role/programmer/wml/JavaCenter.psml
>
>An incoming request from a wml browser of for user 'raul':
>
> http://server/servlet/jetspeed/profile/MySportsPortal
>
>would map to the resource path:
>
> {root}/user/raul/wml/MySportsPage.psml
>
>and if that failed, it would try again for the user's groups and roles.
>it may find a page such as:
>
> {root}/role/footballfan/wml/MySportsPage.psml
>
>
>-------------------------
>Modifications to the Code
>-------------------------
>
>The JetspeedProfilerService will be implemented in the
>org.apache.jetspeed.services.profiler package.
>
>The ProfilerService interface will be placed in the
>org.apache.jetspeed.services.profiler package.
>
>The Profile interface will be place in the org.apache.jetspeed.om.profiler
>
>The JetspeedProfile class will be implemented and placed in the
>org.apache.jetspeed.om.profiler package
>
>The interception of requests will only occur in
>org.apache.jetspeed.turbine.screens.Home.java
>Home.java will need to be modified.
>This is under the assumption that there is only one entry point into
>Jetspeed markup generation.
>
>The package org.apache.jetspeed.profiler will be removed.
>All import statements to this package will be replaced with imports to the
>service.
>A few new string resources will be adaded to JetspeedResources.java
>
>------------------------------
>Modifications to Configuration
>------------------------------
>
>The Profile Registry in the jcfg file would be removed.
>
>The 'psml' directory will be removed.
>
>A new directory under 'content' will be added, 'profiles'.
>It will have the structure as shown in the default implementation above.
>
>The JetspeedResources.Properties will be modified to add the configuration
>settings described above.
>
>Add the profiler service to the TurbineResources.Properties.
>
>====================
>Interfaces
>====================
>
>All profiler services must implement the ProfilerService interface.
>The Profile interface defines a profile instance.
>A Profile is the object representation of a Jetspeed PSML resource.
>
>public interface ProfilerService extends Service {
>
> /** The name of this service */
> public String SERVICE_NAME = "ProfileManager";
>
> /*
> * get the Profile object using the Rundata state and
> capability map
> * this is the mapping functionality of the profiler
> *
> * @param rundata the rundata object for the current request
> * @return a Profile object if found by the manager or null
> */
> public Profile getProfile(RunData rundata);
>
> /*
> * stores a cookie in response to the current resource
> *
> * @param rundata the rundata object for the current request
> */
> public void storeCookie(RunData rundata);
>
>}
>
>public interface Profile extends Initable {
> /**
> Gets the root set of portlets for this profile object.
>
> @return The root portlet set for this profile.
> */
> public PortletSet getRootSet();
>
> /**
> Gets the PortletSetFactory for this profile
>
> @return The portlet set factory for this profile.
> */
> public PortletSetFactory getFactory();
>
>
> /**
> stores the resource by merging and rewriting the psml file
>
> @throws ProfileException if an error occurs storing the profile
> */
> public void store() throws ProfileException;
>
>}
>
>------------------------------------------
>Jetspeed Default Implementation Accessors:
>------------------------------------------
>
> class JetspeedProfile
> {
> /*
> accessors
> */
> String getUser();
> String getGroup();
> String getRole();
> String getResourceName();
> String getResourcePath();
> String getMediaType();
> String getLanguageCode();
> String getCountryCode();
> }
>
> class JetspeedProfilerService
> {
> /*
> get the base URL for the profile registry
> */
> String getBaseURL();
>
> /*
> get the default resource name
> */
> String getDefaultResourceName();
>
> /*
> is security enabled
> */
> boolean isSecurityEnabled();
>
> getAuthorizedProfiles();
> getAnonymousProfiles();
> }
>
>
>==============================
>Future Directions
>==============================
>
>- Mapping IP address ranges to Groups. This would require a table, either in
>the database or a simple text file.
>
>- Dynamic profiling based on usage statistics
>
>- The Profile's content generation based on runtime criteria, not static
>psml files
>
>
>
>
>
>
>--
>--------------------------------------------------------------
>Please read the FAQ! <http://java.apache.org/faq/>
>To subscribe: [EMAIL PROTECTED]
>To unsubscribe: [EMAIL PROTECTED]
>Archives and Other: <http://marc.theaimsgroup.com/?l=jetspeed>
>Problems?: [EMAIL PROTECTED]
--
--------------------------------------------------------------
Please read the FAQ! <http://java.apache.org/faq/>
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Archives and Other: <http://marc.theaimsgroup.com/?l=jetspeed>
Problems?: [EMAIL PROTECTED]
