If you look at the news-app in 0.8.5 (orion/applications/news.ear - will
unpack upon deployment) you'll notice that when you log in you do or don't
get an "(edit)" link next to each news-item depending on if you logged in as
administrator or not. Is this the kind of functionality you want? If so then
I suggest using the utiltags.jar taglib used in the demo.

The page syntax then looks like this:
<util:ifInRole role="users">
 The user-only text.
</util:ifInRole>

What goes on behind the scenes is a request.isUserInRole("role") call, which
is how you interact with the container to see if a user is in the specified
role.
You do not deal with users/groups but rather with these "roles", which are a
server-independent abstraction of the former.
The only time you deal with users/groups is when handling user-management
(adding, removing users etc). This is also the "only" standard action that is
yet to be standardized and is hence server-dependent (in Orion 0.8.4+ you look
up the UserManager via the JNDI name "java:comp/UserManager"). If you also
want to swap the "backend" (user profile storage) you will have to add a
<user-manager> tag to META-INF/orion-application.xml of your application.
Common UserManagers are DataSourceUserManager and EJBUserManager
(LDAPUserManager will follow).

You specify a "role" (the part you usually interface with) in
web.xml/ejb-jar.xml/application.xml with syntax similar to this one:
<security-role>
    <role-name>users</role-name>
    <description>The users of this site.</description>
</security-role>

If no deployment mapping is done this will map to the group with the same
name (if it exists).
A deployment mapping is made in the deployment files (orion-application.xml,
orion-ejb-jar.xml etc) and looks something like this:

<security-role>
    <role-name>users</role-name>
    <group>aGroup</group>
    <user>someUser</user>
</security-role>

This syntax might change prior to the next "public" (0.9.0) release but will
contain roughly the same info. You can get the current
version at http://www.orionserver.com/new/orion0.8.4c.zip if you want to
take a look at the current version of the news-app etc.
But be prepared to do some reconfiguring (due to config file changes) if you
do.

I hope that sheds at least some light on the situation. If you've got any
additional queries feel free to ask.

/Magnus Stenman. the Orion team

----- Original Message -----
From: "Evan Vaala" <[EMAIL PROTECTED]>
To: "Orion-Interest" <[EMAIL PROTECTED]>
Sent: Wednesday, January 26, 2000 11:11 PM
Subject: UserManager Questions


> Using Orion 0.8.2
>
> Does anybody know how to gain access to the default UserManager instance?
> I am assuming that it can be acquired via jndi, but I do not know the
> lookup name.
>
> I am trying to gain access inside a jsp page to determine if a user( from
> request.getUserPrincipal() ) belongs to an assigned group( user.isMemberOf(
> Group group ) ).  But the only way that I can find to obtain the group is
> via the UserManager interface.
>
> I know that Orion Jsp does check page access automatically, like in the
> news demo, but I want to gain access inside a page to secure certain
> sections within the page itself.
>
> Also, I currently want to use the default XMLUserManager.
>
> Any help would be greatly appreciated!
>
> Thanks!
>
> Evan Vaala
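
The role resolution described in the reply above, modelled as an added example (not part of either message and not Orion code): it reads the declared roles and the deployment mapping, applies the same-name-group default, and reports roles that resolve to nobody. The wrapper elements, the user store contents and the function names are assumptions made for the example.

```python
import xml.etree.ElementTree as ET

# Constructed role declarations (web.xml style; the <web-app> wrapper is assumed).
DECLARED = """<web-app>
  <security-role><role-name>users</role-name>
    <description>The users of this site.</description></security-role>
  <security-role><role-name>administrators</role-name></security-role>
  <security-role><role-name>editors</role-name></security-role>
</web-app>"""

# Constructed deployment mapping (the <orion-application> wrapper is assumed).
MAPPING = """<orion-application>
  <security-role><role-name>users</role-name>
    <group>aGroup</group><user>someUser</user></security-role>
</orion-application>"""

# Constructed user store: group name -> member user names.
GROUPS = {"aGroup": {"alice"}, "administrators": {"root"}}

def role_members(declared_xml, mapping_xml, groups):
    """Return ({role: users}, [declared roles that resolve to nobody])."""
    mapped = {}
    for sr in ET.fromstring(mapping_xml).iter("security-role"):
        mapped[sr.findtext("role-name").strip()] = (
            [g.text.strip() for g in sr.findall("group")],
            [u.text.strip() for u in sr.findall("user")])
    members, empty = {}, []
    for sr in ET.fromstring(declared_xml).iter("security-role"):
        role = sr.findtext("role-name").strip()
        if role in mapped:
            role_groups, users = mapped[role]
        else:
            # No deployment mapping: same-name group, if it exists.
            role_groups, users = ([role] if role in groups else []), []
        who = set(users)
        for g in role_groups:
            who |= groups.get(g, set())
        members[role] = who
        if not who:
            empty.append(role)
    return members, empty

def is_user_in_role(user, role, members):
    """Model of the isUserInRole answer for a resolved membership table."""
    return user in members.get(role, set())

MEMBERS, EMPTY_ROLES = role_members(DECLARED, MAPPING, GROUPS)
```

A role that lands in the empty list is declared but granted to nobody, and a role that resolves only through the same-name default is granted to whoever is in a group of that name, so both are worth reviewing when auditing a deployment.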
