First, tell you that I'm not dead, just overwhelmed and trying to catch up with mail (and the large amount of conflicting commits that I'm getting lately :-)
I'm still working on the security stuff, and I've noticed a problem: The classes for security appear in two (really four) different places, namely org.apache.jetspeed.om.profile[.psml] and org.apache.jetspeed.om.registry[.base] I need to unify Security and Psml/BaseSecurity and Role and Psml/BaseRole, so that they can be handled in the same way throughout Jetspeed. This is crucial for the Decorator/Proxy/Wrapper for PortletSets, which should include the constraints to enable dynamic checking. I'm asking your permission for doing this. I thought about package org.apache.jetspeed.om.security.markup for both the interfaces and the base implementations, but I'm open to other names. What do you think? A possible alternative, that simplifies less the Object Model, is to keep using the current one and store turbine ACL instead, but it couples Jetspeed more with Turbine. I don't think that distinguishing Psml mappings from Registry mappings WRT security makes a lot of sense. -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>