Hello, Perhaps you can help? I'm trying to write a Forum portlet as a means to learn all about portlets / struts bridges and of course the wonderful Jetspeed2 itself! In the portlet I'm writing I'd like to provide access to Forums based on a users Role membership. I understand that JAAS is being used with a RDBMS login module but I am unsure how I grab a list of all the users roles to allow a filter of those Forums available to the user. Is it the correct approach to use the users role in this manner or would I be better of trying to setup user preferences? I've looked at the Jetspeed2 Security Docs which mentions the use of user.getSubject().getPrincipals() to provide a list of the users associated roles but I'm not sure how to first access the user! I can of course access the Princpial using the httprequest.getUserPrincipal() but I really need access to the complete list of a users Roles.
In essence I'd like to capture the rich portal defined user info around Role and Group access to use it in a portlet. Any thoughts or tips would be very useful. Kind regards, m IMPORTANT NOTICE If you have received this e-mail in error or wish to read our e-mail disclaimer statement and monitoring policy, please refer to the statement below or contact the sender. This communication is from Deloitte MCS Limited whose registered office is at Hill House, 1 Little New Street, London EC4A 3TR, United Kingdom. Registered in England No 3311052. This communication and any attachments contain information which is confidential and may also be privileged. It is for the exclusive use of the intended recipient(s). If you are not the intended recipient(s) please note that any form of disclosure, distribution, copying or use of this communication or the information in it or in any attachments is strictly prohibited and may be unlawful. If you have received this communication in error, please return it with the title "received in error" to [EMAIL PROTECTED] then delete the email and destroy any copies of it. E-mail communications cannot be guaranteed to be secure or error free, as information could be intercepted, corrupted, amended, lost, destroyed, arrive late or incomplete, or contain viruses. We do not accept liability for any such matters or their consequences. Anyone who communicates with us by e-mail is taken to accept the risks in doing so. When addressed to our clients, any opinions or advice contained in this e-mail and any attachments are subject to the terms and conditions expressed in the governing Deloitte MCS Limited client engagement letter. Opinions, conclusions and other information in this e-mail and any attachments which do not relate to the official business of the firm are neither given nor endorsed by it. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]