Uploaded image for project: 'Jetspeed 2'
  1. Jetspeed 2
  2. JS2-527

Allow email addresses to be used for user accounts by making hierarchical interpretation of principal names optional


    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.1-dev, 2.1
    • Fix Version/s: 2.1-dev, 2.1
    • Component/s: Security
    • Labels:


      By default, Jetspeed supports hierarchical names for role, group and user principal names and uses the '.' (dot) as a path or level separator.
      But right now (if ever) Jetspeed own admin portlets don't really use or support hierarchical principal definitions, even if the security model and component can handle it.

      Furthermore, and this is a major problem for some, because of this email addresses can't be used for user account names.
      By making hierarchical interpretation of principal (user,role and group) names optional, this now becomes possible.

      As we don't use factories for instantiating the principal classes, and I didn't want to cause a lot of api changes, I've opted for
      simple static methods on each principal type class through which this can be turned off.
      And by using Spring MethodInvokingFactoryBeans this can easily be configured through spring assembly.

      I'll add a new spring assembly file doing just that for all three principal classes but then commented out so by default everything stays the same.
      One example from this assembly file (hierarchical-principal-names.xml):

      <bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
      <property name="staticMethod">
      <property name="arguments">




            • Assignee:
              adouma Ate Douma
              adouma Ate Douma
            • Votes:
              0 Vote for this issue
              0 Start watching this issue


              • Created: