Details

    • Type: New Feature New Feature
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 2.1-dev
    • Fix Version/s: 2.1-dev, 2.1
    • Component/s: Security
    • Labels:
      None

      Description

      Implement declarative portlet security constraints ("Security at the portlet level") feature.
      In Jetspeed 2.0, you can only define security permissions for a portlet. You cannot define security constraints for a portlet.
      The portal will hold a direct relationship between a portlet and a security-constraint-definition.

      Security Constraints are not Java Security Permissions, but a Jetspeed specific way of securing portlets, also known as PSML constraints.
      See the <i>page.security</i> file for examples of defining security constraint definitions.
      If a Jetspeed Security Constraint is not defined for a portlet, the constraint applied will then fallback to the constraint defined for the portlet application.
      If the portlet application does not define a constraint, then no security constraints will be applied to this portlet.
      Security constraints for a portlet are normally checking during the render process of a portlet and will be applied to all pipelines.

      The constraints will be defined in the jetspeed-portlet.xml deployment descriptor, holding a named security constraint references

      Example:

      jetspeed-portlet.xml:

      <portlet-app id="demo" version="1.0"
      ...
      <security-ref>public-edit</security-ref>
      ...
      <portlet>
      <portlet-name>PickANumberPortlet</portlet-name>
      <security-ref>public-edit</security-ref>
      </portlet>

        Activity

        Ate Douma made changes -
        Status Resolved [ 5 ] Closed [ 6 ]
        Ate Douma made changes -
        Fix Version/s 2.1 [ 12310617 ]
        David Sean Taylor made changes -
        Status In Progress [ 3 ] Resolved [ 5 ]
        Resolution Fixed [ 1 ]
        David Sean Taylor made changes -
        Field Original Value New Value
        Status Open [ 1 ] In Progress [ 3 ]
        David Sean Taylor created issue -

          People

          • Assignee:
            David Sean Taylor
            Reporter:
            David Sean Taylor
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development