Hi everybody, I have got two questions related to the security model. First: In the new securtiy modell, it's possible to give the right to do certain actions with <access action="something"> to users. Which are the possible actions and what do they do ? I was looking for something about that but couldn't find anything. Does somebody know where to look ? I didn't find the names self-explaining. For example there's the action view which I expected to be the right to view the portlet. So I expected that the Portlet "SecurityExample" which is registered as <security-ref parent="user-view_admin-all"/> can be seen by a user, but when I tried it the portlet was not even in the list of available portlets. Second: (not exactly about the security model, but related) In config_guide.html it is said that services.Profiler.newuser.template= enables role-based psml. What does this mean ? Does it mean that the psml is not taken from a user, but from the WEB-INF/psml/roles directory ? If this is the case, I do not understand what's the purpose of this. A new user has got one specified role anyway and therefore all new users would get the same PSML. So I can't see the advantage over taking the PSML from a user, where all new users get the same PSML as well. (I well remember that I once said something in this list about assigning PSMLs to new users according to role. But in the meantime I got convinced that this is nonsense because all new user can only get the same role.)
Thanks for any comments! Stefan -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
