Given that the local group store supports nesting in other flavors of
groups, so one can achieve the effect of managing uPortal adminness in
LDAP or via PAGS, restricting these well-named groups to the Local Group
Store seems an excellent idea.
Andrew
Eric Dalquist wrote:
I do as well, my only concern are the security implications of some
'un-authorized source' getting another group named "uPortal
Administrators" into the system. Though we could restrict these well
named groups to just local groups which would make the restrictions
easier to implement.
-Eric
Andrew Petro wrote:
I like (1). It's some development effort, but it's a nice step
towards "convention over configuration".
Andrew
Eric Dalquist wrote:
Thanks for the update. I have a few ideas for getting rid of the
explicit configuration tie to the synthetic group IDs.
1. Switch to just using well known names. An example would be "All
uPortal Users" for everyone, "All uPortal Channels" for all channels
and "uPortal Administrators" for admins. Some effort would need to
be done in the composite group store to prevent these groups from
being created by users for security reasons which may be a bit of a
road block.
2. Move the config into the database. A table could contain a known
real id and the corresponding synthetic id of the designated group.
This information could more easily be exported and would reduce the
configuration tie to specific group keys.
Thoughts from any devs out there?
-Eric
Drew Wills wrote:
Eric,
I updated dbunload,crn per our discussion on IRC:
http://developer.ja-sig.org/source/changelog/jasigsvn/?cs=43464
It still needs some attention, though...
There are 3 rows defined in the UP_GROUP.default-data.xml file,
each of which refers to an EntityType by Id: IPerson or IChannel.
We either need to include a .default-data.xml file that defines
these dependencies, or remove the need for 'Everyone', 'Portal
Administrators', and 'All Channels' to have specific Ids.
drew
--
Join your friends and colleagues at JA-SIG 2008 - "Higher Education Solutions: The
Community Source Way!"
April 27th - 30th, 2008 in St. Paul, Minnesota USA
Featuring CAS, DSpace, Fedora, Fluid, Internet2, Kuali, Sakai, uPortal, and
more!
Information/Registration at:
http://www.ja-sig.org/conferences/08spring/index.html
Subscribe to the conference blog, The Community Source Way
http://jasig2008.blogspot.com, for news and updates about the event.
Join the Conference networking site at http://ja-sigspring08.crowdvine.com/
You are currently subscribed to [email protected] as: [EMAIL
PROTECTED]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/uportal-dev
