[jboss-cvs] jboss-portal-docs/referenceGuide/en/modules ...
Roy Russo
russo at jboss.com
Fri Jul 21 13:47:05 EDT 2006
User: russo
Date: 06/07/21 13:47:04
Modified: referenceGuide/en/modules security.xml xmldescriptors.xml
Log:
JBPORTAL-873 - added security changes
Revision Changes Path
1.13 +33 -23 jboss-portal-docs/referenceGuide/en/modules/security.xml
(In the diff below, changes in quantity of whitespace are not shown.)
Index: security.xml
===================================================================
RCS file: /cvsroot/jboss/jboss-portal-docs/referenceGuide/en/modules/security.xml,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -b -r1.12 -r1.13
--- security.xml 12 Jul 2006 18:52:46 -0000 1.12
+++ security.xml 21 Jul 2006 17:47:04 -0000 1.13
@@ -11,44 +11,52 @@
<sect1 id="securing_objects">
<title>Securing Portal Objects</title>
<para>
- This section describes how to secure portal objects (windows, pages, and portal instances), using the JBoss
- Portal *-object.xml descriptor. View the User Guide for information on how to secure objects using the
+ This section describes how to secure portal objects (portal instances, pages, and portlet instances), using the
+ JBoss
+ Portal *-object.xml descriptor OR portlet-instances.xml descriptor. View the User Guide for information on how
+ to secure objects using the
Management Portlet.
</para>
<para>Securing portal objects declaratively, is done through the *-object.xml (
<xref linkend="desc_objectxml"/>
- ). The portion you will be adding to each object is denoted by the
+ ), for Portal Instances and Pages, or the portlet-instances.xml (
+ <xref linkend="desc_instancesxml"/>
+ ) for Portlet Instances. The portion you will be adding to each object is denoted by the
<emphasis><security-constraint></emphasis>
tag:
- <programlisting><![CDATA[
-<?xml version="1.0" encoding="UTF-8"?>
+ <programlisting><![CDATA[<?xml version="1.0" encoding="UTF-8"?>
<deployments>
<deployment>
<if-exists>overwrite</if-exists>
- <parent-ref>default.default</parent-ref>
+ <parent-ref>default</parent-ref>
+ <properties/>
+ <page>
+ <page-name>MyPage</page-name>
<window>
- <window-name>HelloWorldJSPPortletWindow</window-name>
- <instance-ref>HelloWorldJSPPortletInstance</instance-ref>
+ <window-name>HelloWorldPortletPageWindow</window-name>
+ <instance-ref>HelloWorldPortletPageInstance</instance-ref>
<region>center</region>
- <height>1</height>
+ <height>0</height>
</window>
<security-constraint>
<policy-permission>
<unchecked/>
- <action-name>view</action-name>
+ <action-name>viewrecursive</action-name>
</policy-permission>
</security-constraint>
+ </page>
</deployment>
-</deployments>]]></programlisting>
+</deployments>]]>
+ </programlisting>
</para>
<para>
- A security constraint on an object (our example above, secures a specific portlet window), is explained as:
+ A security constraint on an object (our example above, secures a specific portal page), is explained as:
<para>
<programlisting><![CDATA[
<security-constraint>
<policy-permission>
<unchecked/>
- <action-name>view</action-name>
+ <action-name>viewrecursive</action-name>
</policy-permission>
</security-constraint>]]></programlisting>
The security contraint portion is worth taking a look at, in an isolated fashion. It allows you to
@@ -88,9 +96,11 @@
</listitem>
</itemizedlist>
</para>
- We provide two live samples of this descriptors, here
+ We provide three live samples of this descriptor, here
+ <xref linkend="desc_instancesxml"/>
+ ,
<xref linkend="desc_example_page"/>
- and
+ ,and
<xref linkend="desc_example_portal"/>
</para>
</sect1>
1.28 +59 -54 jboss-portal-docs/referenceGuide/en/modules/xmldescriptors.xml
(In the diff below, changes in quantity of whitespace are not shown.)
Index: xmldescriptors.xml
===================================================================
RCS file: /cvsroot/jboss/jboss-portal-docs/referenceGuide/en/modules/xmldescriptors.xml,v
retrieving revision 1.27
retrieving revision 1.28
diff -u -b -r1.27 -r1.28
--- xmldescriptors.xml 13 Jul 2006 14:16:58 -0000 1.27
+++ xmldescriptors.xml 21 Jul 2006 17:47:04 -0000 1.28
@@ -39,12 +39,6 @@
<region>center</region>
<height>1</height>
</window>
- <security-constraint>
- <policy-permission>
- <unchecked/>
- <action-name>view</action-name>
- </policy-permission>
- </security-constraint>
</deployment>
</deployments>]]></programlisting>
<itemizedlist>
@@ -126,53 +120,6 @@
can be any number between 0-X.
</para>
</listitem>
- <listitem>
- <para>
- <programlisting><![CDATA[
-<security-constraint>
- <policy-permission>
- <unchecked/>
- <action-name>view</action-name>
- </policy-permission>
-</security-constraint>]]></programlisting>
- The security contraint portion is worth taking a look at, in an isolated fashion. It allows you to
- secure a specific window/page/portal-instance based on a user's role.
- </para>
- <para>
- <emphasis role="bold">Role definition:</emphasis>
- You must define a role that this security constraint will apply to. Possible values are:
- <itemizedlist>
- <listitem>
- <emphasis role="bold"><unchecked/></emphasis>
- Anyone can view this page.
- </listitem>
- <listitem>
- <emphasis role="bold"><role-name>SOMEROLE</role-name></emphasis>
- Access to this page is limited to the defined role.
- </listitem>
- </itemizedlist>
- <emphasis role="bold">Access Rights:</emphasis>
- You must define the access rights given to the role defined. Possible values are:
- <itemizedlist>
- <listitem>
- <emphasis role="bold">view</emphasis>
- Users can view the page.
- </listitem>
- <listitem>
- <emphasis role="bold">viewrecursive</emphasis>
- Users can view the page and child pages.
- </listitem>
- <listitem>
- <emphasis role="bold">personalize</emphasis>
- Users are able to view AND personalize the page.
- </listitem>
- <listitem>
- <emphasis role="bold">personalizerecursive</emphasis>
- Users are able to view AND personalize the page AND its child pages.
- </listitem>
- </itemizedlist>
- </para>
- </listitem>
</itemizedlist>
</para>
<para>The example *-object.xml, above, makes reference to items found in other descriptor files. To
@@ -185,7 +132,7 @@
</mediaobject>
</para>
</sect2>
- <sect2>
+ <sect2 id="desc_instancesxml">
<title>portlet-instances.xml</title>
<para>This is a JBoss Portal specific descriptor that allows a developer to instantiate one-or-many instances
of one-or-many portlets. The benefit of using this technique, is to allow one portlet to be instantiated
@@ -217,6 +164,12 @@
<value>http://finance.yahoo.com/rss/headline?s=rhat</value>
</preference>
</preferences>
+ <security-constraint>
+ <policy-permission>
+ <unchecked/>
+ <action-name>view</action-name>
+ </policy-permission>
+ </security-constraint>
</instance>
</deployment>
<deployment>
@@ -233,6 +186,12 @@
<value>http://finance.yahoo.com/rss/headline?s=mcd</value>
</preference>
</preferences>
+ <security-constraint>
+ <policy-permission>
+ <unchecked/>
+ <action-name>view</action-name>
+ </policy-permission>
+ </security-constraint>
</instance>
</deployment>
</deployments>
@@ -297,6 +256,52 @@
]]></programlisting>
</para>
</listitem>
+ <listitem>
+ <para>
+ <programlisting><![CDATA[<security-constraint>
+ <policy-permission>
+ <unchecked/>
+ <action-name>viewrecursive</action-name>
+ </policy-permission>
+</security-constraint>]]></programlisting>
+ The security contraint portion is worth taking a look at, in an isolated fashion. It allows you to
+ secure a specific portlet instance based on a user's role.
+ </para>
+ <para>
+ <emphasis role="bold">Role definition:</emphasis>
+ You must define a role that this security constraint will apply to. Possible values are:
+ <itemizedlist>
+ <listitem>
+ <emphasis role="bold"><unchecked/></emphasis>
+ Anyone can view this page.
+ </listitem>
+ <listitem>
+ <emphasis role="bold"><role-name>SOMEROLE</role-name></emphasis>
+ Access to this page is limited to the defined role.
+ </listitem>
+ </itemizedlist>
+ <emphasis role="bold">Access Rights:</emphasis>
+ You must define the access rights given to the role defined. Possible values are:
+ <itemizedlist>
+ <listitem>
+ <emphasis role="bold">view</emphasis>
+ Users can view the page.
+ </listitem>
+ <listitem>
+ <emphasis role="bold">viewrecursive</emphasis>
+ Users can view the page and child pages.
+ </listitem>
+ <listitem>
+ <emphasis role="bold">personalize</emphasis>
+ Users are able to view AND personalize the page.
+ </listitem>
+ <listitem>
+ <emphasis role="bold">personalizerecursive</emphasis>
+ Users are able to view AND personalize the page AND its child pages.
+ </listitem>
+ </itemizedlist>
+ </para>
+ </listitem>
</itemizedlist>
</para>
<para>The example portlet-instances.xml, above, makes reference to items found in other descriptor files. To
More information about the jboss-cvs-commits
mailing list