I wanted to know how Magnolia 2.0 manages access control. I do not
seem to find when Magnolia checks for access permissions; at first
Listener.isAllowed() seemed to be the place, but all it does IP source
filtering.
The underlying concern for us is that we would like to hook up our
CMS' security to our Novell user database, providing a unique
identifier across applications for our users (but not necessarily
single sign-on). Novell provides a nice Java API for this, so we only
need to write the glue code to link it to Magnolia's security
architecture. (I know, easier said than done...)
Magnolia 2.1 uses a filter now.
2.2 will integrate JAAS (some code is already in the svn trunk)
philipp
----------------------------------------------------------------
for list details see
http://www.magnolia.info/en/magnolia/developer.html
----------------------------------------------------------------
