I am not an expert but you might want to read between the lines in the
security series of documents starting with the overview.
http://portals.apache.org/jetspeed-2/multiproject/jetspeed-security/index.html
This might also help
http://portals.apache.org/jetspeed-2/guides/guide-profiler.html
Jetspeed uses the user profile to determine what page to build to
satisfy each request.
Authentication is only part of the problem. You probably need to provide
a way to use your external users profiles to direct the decision making
process within Jetspeed to get the pages (and other authorizations) that
you expect for each user.
You will probably get better help here later but I hope that this helps.
Ron
Serkan Camurcuoglu wrote:
Hi all,
I'm trying to make Jetspeed use another user database in addition to its
ordinary user database (I'm using Jetspeed 2.1.3 installed on a MySQL
database). This database will contain a large number of users that are allowed
to log on to the portal with the portal-user role. This database is an external
database which has a fixed structure, I cannot change it. The original user
database of Jetspeed will be used for privileged users such as admin. Here are
some more points:
- If possible, I don't want my custom authentication/authorization code to
depend on Jetspeed's security classes, I want it to be JAAS compatible
- I've tried developing a custom JAAS login module and plugging it in using
login.conf, but I think that's not enough
- I've also tried extending DefaultUserSecurityHandler and
DefaultCredentialHandler, but I think I have to do some more because it seems
like my users are not authorized to view the pages that other users can see
- How are portlet preferences affected in this case? Will Jetspeed save my
users' portlet preferences in its own database automatically, or will I also
need to implement preference storage myself?
I would like to learn the best approach to accomplish this task. Any help will
be appreciated. Thanks in advance..
SerkanC
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
