• Type: New Feature New Feature
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 2.1-dev
    • Fix Version/s: 2.1-dev, 2.1
    • Component/s: Security
    • Labels:


      Implement declarative portlet security constraints ("Security at the portlet level") feature.
      In Jetspeed 2.0, you can only define security permissions for a portlet. You cannot define security constraints for a portlet.
      The portal will hold a direct relationship between a portlet and a security-constraint-definition.

      Security Constraints are not Java Security Permissions, but a Jetspeed specific way of securing portlets, also known as PSML constraints.
      See the <i></i> file for examples of defining security constraint definitions.
      If a Jetspeed Security Constraint is not defined for a portlet, the constraint applied will then fallback to the constraint defined for the portlet application.
      If the portlet application does not define a constraint, then no security constraints will be applied to this portlet.
      Security constraints for a portlet are normally checking during the render process of a portlet and will be applied to all pipelines.

      The constraints will be defined in the jetspeed-portlet.xml deployment descriptor, holding a named security constraint references



      <portlet-app id="demo" version="1.0"


        David Sean Taylor created issue -
        David Sean Taylor made changes -
        Field Original Value New Value
        Status Open [ 1 ] In Progress [ 3 ]
        David Sean Taylor made changes -
        Status In Progress [ 3 ] Resolved [ 5 ]
        Resolution Fixed [ 1 ]
        Ate Douma made changes -
        Fix Version/s 2.1 [ 12310617 ]
        Ate Douma made changes -
        Status Resolved [ 5 ] Closed [ 6 ]


          • Assignee:
            David Sean Taylor
            David Sean Taylor
          • Votes:
            0 Vote for this issue
            0 Start watching this issue


            • Created: