paulsp 02/02/16 05:10:21
Modified: webapp/WEB-INF/conf JetspeedResources.properties
src/java/org/apache/jetspeed/services/security
JetspeedDBSecurityService.java
xdocs changes.xml
docs/site changes.html
Log:
Added configurable default security settings for logged-in and anonymous users
Revision Changes Path
1.63 +11 -1
jakarta-jetspeed/webapp/WEB-INF/conf/JetspeedResources.properties
Index: JetspeedResources.properties
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/webapp/WEB-INF/conf/JetspeedResources.properties,v
retrieving revision 1.62
retrieving revision 1.63
diff -u -r1.62 -r1.63
--- JetspeedResources.properties 11 Feb 2002 08:17:53 -0000 1.62
+++ JetspeedResources.properties 16 Feb 2002 13:10:20 -0000 1.63
@@ -1,7 +1,7 @@
################################################################################
# Jetspeed Configuration
# Author: Kevin A. Burton ([EMAIL PROTECTED])
-# $Id: JetspeedResources.properties,v 1.62 2002/02/11 08:17:53 taylor Exp $
+# $Id: JetspeedResources.properties,v 1.63 2002/02/16 13:10:20 paulsp Exp $
################################################################################
# This is the main file you will need to configuration Jetspeed. If there are
# any secondary files they will be pointed to from this file.
@@ -391,8 +391,18 @@
# Media types template to create for user. (comma separated)
services.Profiler.newuser.media_types=html,wml
+#########################################
+# Template Jetspeed Security Service #
+#########################################
# Role(s) to assign to new user. Multiple Role must be comma separated.
services.JetspeedSecurity.newuser.roles=user
+
+# Default permission(s) when object have no permissions defined
+# The follow permissions are define in the default Jetspeed installation:
+# view, customize, minimize, maximize, close
+# * = All permissions
+services.JetspeedSecurity.permission.default.anonymous=view
+services.JetspeedSecurity.permission.default.loggedin=*
#########################################
# Template Locator Service #
1.14 +28 -3
jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/JetspeedDBSecurityService.java
Index: JetspeedDBSecurityService.java
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/JetspeedDBSecurityService.java,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- JetspeedDBSecurityService.java 11 Feb 2002 08:05:12 -0000 1.13
+++ JetspeedDBSecurityService.java 16 Feb 2002 13:10:21 -0000 1.14
@@ -91,7 +91,7 @@
*
* @author <a href="mailto:[EMAIL PROTECTED]";>David Sean Taylor</a>
* @author <a href="mailto:[EMAIL PROTECTED]";>Santiago Gala</a>
- * @version $Id: JetspeedDBSecurityService.java,v 1.13 2002/02/11 08:05:12 taylor
Exp $
+ * @version $Id: JetspeedDBSecurityService.java,v 1.14 2002/02/16 13:10:21 paulsp
Exp $
*/
@@ -99,6 +99,9 @@
implements JetspeedSecurityService
{
private final static String CONFIG_NEWUSER_ROLES = "newuser.roles";
+ private final static String CONFIG_DEFAULT_PERMISSION_LOGGEDIN =
"permission.default.loggedin";
+ private final static String CONFIG_DEFAULT_PERMISSION_ANONYMOUS =
"permission.default.anonymous";
+ private final static String [] DEFAULT_PERMISSIONS = {""};
private final static String [] DEFAULT_CONFIG_NEWUSER_ROLES =
{ "user" };
String roles[] = null;
@@ -196,10 +199,10 @@
{
Security security = entry.getSecurity();
if (null == security)
- return true; // grant permission if no security role given
+ return checkDefaultPermission( runData, permission);
String securityRole = security.getRole();
if (null == securityRole)
- return true; // grant permission if no security role given
+ return checkDefaultPermission( runData, permission);
// determine if Portlet has specified role
AccessControlList acl = runData.getACL();
@@ -390,4 +393,26 @@
removeRole(role);
}
+ private boolean checkDefaultPermission(RunData runData, String permission) {
+ String defaultPermissions[] = null;
+ ResourceService serviceConf =
((TurbineServices)TurbineServices.getInstance())
+
.getResources(JetspeedSecurityService.SERVICE_NAME);
+
+ try {
+ if ( (runData.getUser() == null) || !runData.getUser().hasLoggedIn() ) {
+ defaultPermissions =
serviceConf.getStringArray(CONFIG_DEFAULT_PERMISSION_ANONYMOUS);
+ } else {
+ defaultPermissions =
serviceConf.getStringArray(CONFIG_DEFAULT_PERMISSION_LOGGEDIN);
+ }
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ for (int i = 0; i < defaultPermissions.length; i++) {
+ if (defaultPermissions[i].equals("*"))
+ return true;
+ if (defaultPermissions[i].equals(permission))
+ return true;
+ }
+ return false;
+ }
}
1.24 +4 -1 jakarta-jetspeed/xdocs/changes.xml
Index: changes.xml
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/xdocs/changes.xml,v
retrieving revision 1.23
retrieving revision 1.24
diff -u -r1.23 -r1.24
--- changes.xml 14 Feb 2002 03:38:17 -0000 1.23
+++ changes.xml 16 Feb 2002 13:10:21 -0000 1.24
@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!--
-$Id: changes.xml,v 1.23 2002/02/14 03:38:17 paulsp Exp $
+$Id: changes.xml,v 1.24 2002/02/16 13:10:21 paulsp Exp $
-->
<document>
<properties>
@@ -164,6 +164,9 @@
</li>
<li>
Fix - 2002/02/13 - Bug 5630 - Redirect to home page when exiting the Customizer.
(PS)
+</li>
+<li>
+ Add - 2002/02/16 - Default permissions for "logged in" and anonymous users is now
configurable. (PS)
</li>
</ul>
</section>
1.15 +3 -0 jakarta-jetspeed/docs/site/changes.html
Index: changes.html
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/docs/site/changes.html,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- changes.html 14 Feb 2002 03:38:17 -0000 1.14
+++ changes.html 16 Feb 2002 13:10:21 -0000 1.15
@@ -269,6 +269,9 @@
<li>
Fix - 2002/02/13 - Bug 5630 - Redirect to home page when exiting the Customizer.
(PS)
</li>
+<li>
+ Add - 2002/02/16 - Default permissions for "logged in" and anonymous users is now
configurable. (PS)
+</li>
</ul>
</blockquote>
</p>
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
