'RE: Role for the unlogged user, othr questions'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       jetspeed-user
Subject:    RE: Role for the unlogged user, othr questions
From:       "Mark Orciuch" <mark_orciuch () ngsltd ! com>
Date:       2002-09-27 15:25:45
[Download RAW message or body]

Correction:

>         <access action="view">
>             <allow-if role="guest"
>         </access>
>         <access action="minimize">
>             <allow-if role="guest"
>         </access>
>         <access action="maximixe">
>             <allow-if role="guest"
>         </access>

Best regards,

Mark C. Orciuch
Next Generation Solutions, Ltd.
e-Mail: mark_orciuch@ngsltd.com
web: http://www.ngsltd.com

> -----Original Message-----
> From: Mark Orciuch [mailto:mark_orciuch@ngsltd.com]
> Sent: Friday, September 27, 2002 10:19 AM
> To: Jetspeed Users List
> Subject: RE: Role for the unlogged user, othr questions
>
>
> Dariush,
>
> I am not familiar with
> "services.JetspeedSecurity.permission.default.anonymous" setting. However,
> with "services.JetspeedSecurity.actions.anon.disable=false", you should be
> able to add the following to the "default" security entry:
>
>         <access action="view">
>             <allow-if role="guest"
>         </access>
>         <access action="view">
>             <allow-if role="minimize"
>         </access>
>         <access action="maximixe">
>             <allow-if role="guest"
>         </access>
>
> ... or create another security entry. I have not tested this but give it a
> go.
>
> Best regards,
>
> Mark C. Orciuch
> Next Generation Solutions, Ltd.
> e-Mail: mark_orciuch@ngsltd.com
> web: http://www.ngsltd.com
>
> > -----Original Message-----
> > From: Dariush Behboudi [mailto:dariush.behboudi@glamm.com]
> > Sent: Friday, September 27, 2002 5:28 AM
> > To: Jetspeed Users List
> > Subject: R: Role for the unlogged user, othr questions
> >
> >
> > Hi Mark,
> > I've made some tests and I've got some questions on
> JetSpeedSecurity.prop.
> >
> > To make my tests, I've created a simple portlet with no security-ref tag
> > inside.
> >
> > I have changed the default settings as follow
> > services.JetspeedSecurity.permission.default.anonymous=view, minimize,
> > maximize
> > services.JetspeedSecurity.actions.anon.disable=false
> >
> > With these two options, an unlogged user (anon) should be able
> > only to view,
> > minimize and maximize my simple portlet, because no permissions
> > are defined
> > by default to the portlet (I think) but really he see all the actions
> > available (customize, close, maximize and so on).
> >
> > The same thing happens by default to panels customize buttons...
> >
> > It seems that the default.anonymous entry is not read at all.
> >
> > How can I use these two options to make available by default
> > view, minimize
> > and maximize options to the anon visitor?
> >
> > Thanks, Dariush.
> >
> >
> >
> > -----Messaggio originale-----
> > Da: Mark Orciuch [mailto:mark_orciuch@ngsltd.com]
> > Inviato: giovedė 26 settembre 2002 22.32
> > A: Jetspeed Users List
> > Oggetto: RE: Role for the unlogged user, othr questions
> >
> >
> > Dariush,
> >
> > According to this
> > http://www.mail-archive.com/jetspeed-user@jakarta.apache.org/msg04
> > 847.html,
> > the role-based permissions are maintained for backward compatibility. I
> > can't confirm that by examining RegistryAccessController class so my
> > conclusion is that it does not work anymore and you have to use
> > the security
> > references.
> >
> > Best regards,
> >
> > Mark C. Orciuch
> > Next Generation Solutions, Ltd.
> > e-Mail: mark_orciuch@ngsltd.com
> > web: http://www.ngsltd.com
> >
> >
> > > -----Original Message-----
> > > From: Dariush Behboudi [mailto:dariush.behboudi@glamm.com]
> > > Sent: Thursday, September 26, 2002 11:00 AM
> > > To: Jetspeed Users List
> > > Subject: Role for the unlogged user, othr questions
> > >
> > >
> > > Another question: I'm trying also to change role permissions using the
> > > 'Security role browser', but nothing seems to change
> accessing portlets
> > > using modifing role permissions (maybe am I making a mistake?).
> > >
> > > I would prefer to use role-based permissions (defined in the
> > security role
> > > browser) instead of configuring security-regs.
> > >
> > > What do you think about that?
> > >
> > > Thanks, Dariush.
> > >
> > >
> > > Hi everyone,
> > > I need to make possibile for the unregistered users (not
> > logged) to view,
> > > minimize and maximize portlets.
> > > To make this possible I created a new security entry for the
> > 'guest' role,
> > > as follow:
> > >
> > >     <security-entry name="guestPerms">
> > >         <meta-info>
> > >             <title>guestPerms</title>
> > >             <description>guestPerms</description>
> > >         </meta-info>
> > >         <access action="view">
> > >             <allow-if role="guest"/>
> > >         </access>
> > >         <access action="maximize">
> > >             <allow-if role="guest"/>
> > >         </access>
> > >         <access action="minimize">
> > >             <allow-if role="guest"/>
> > >         </access>
> > >     </security-entry>
> > >
> > > I assigned to a portlet this security Perm, but accessing to
> the related
> > > pane as visitor (not logged), I'm not able to maximize and
> minimize, but
> > > only to view the portlet.
> > >
> > > Logging as 'anon' the security-entry is executed correctly.
> > >
> > > Thus, my question is: what's the default role assigned to an
> > > unlogged user?
> > > I belived that accessing jetspeed as a visitor was the same than
> > > logging on
> > > with 'anon' user, but my test demostrates that itsn't so.
> > >
> > > Regards, Dariush.
> > >
> > >
> > >
> > > --
> > > To unsubscribe, e-mail:
> > <mailto:jetspeed-user-unsubscribe@jakarta.apache.org>
> > For additional commands, e-mail:
> > <mailto:jetspeed-user-help@jakarta.apache.org>
> >
> >
> > --
> > To unsubscribe, e-mail:
> > <mailto:jetspeed-user-unsubscribe@jakarta.apache.org>
> > For additional commands, e-mail:
> > <mailto:jetspeed-user-help@jakarta.apache.org>
> >
> >
> >
> > --
> > To unsubscribe, e-mail:
> <mailto:jetspeed-user-unsubscribe@jakarta.apache.org>
> For additional commands, e-mail:
> <mailto:jetspeed-user-help@jakarta.apache.org>
>
>
> --
> To unsubscribe, e-mail:
<mailto:jetspeed-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail:
<mailto:jetspeed-user-help@jakarta.apache.org>


--
To unsubscribe, e-mail:   <mailto:jetspeed-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:jetspeed-user-help@jakarta.apache.org>

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic