Permission in Application Registry
by Matthew Wringe
I created https://jira.jboss.org/jira/browse/GTNPORTAL-1137 but it seems
like it might be somewhat working depending on what it actually means.
What is the permission setting in application registry suppose to do
actually do? Is it suppose to prevent a user from accessing the content
or to prevent a user from adding that type of portlet to a page?
Each portlet or gadget can specify a 'access permission', but this
doesn't seem to prevent users from viewing the application.
What it does seem …
[View More]to do is if an unauthorized user tries to add this
portlet to a page, they can add the portlet, they just can't view the
added portlet on the page. This doesn't seem like expected behaviour
either.
[View Less]
14 years, 10 months
Portal and page names and case sensitivity
by Thomas Heute
The great MySQL and MSSQL made that choice that tables (by default) are
made case insensitive.
Meaning that 'foobar' is the same as 'FooBar'.
Today if you create a portal or a page 'toto' and then 'tOtO' it will
work for other databases but for MySQL or MSSQL it will fail.
We should prevent to have 2 portal names that are the same (case
insensitive). We can't do a simple JCR query (AFAIK) to verify if 2
portal names are the same (case insensitive), unless we try and catch an
error. But …
[View More]the error would only happen for those 2 and would potentially
make a migration from 1 DB to another difficult since they would react
differently.
The other option is to transform all ids to lowercase before storing in
Database so we are safe with all database. I actually think it would be
a good practice as those ids appear in the URL which are usually all in
lowercase.
Or if anyone think about any other option ?
Thomas.
[View Less]
14 years, 11 months
Retrieving user data from within a gadget
by Matthew Wringe
Is there any standard way to retrieve the user information from within a
gadget? I have looked into oauth, and it appears to be some oauth code
in GateIn, but it doesn't appear like its setup properly to allow me to
access information about the currently logged in user.
I can use the cataline SingleSignOn authenticator and use the same realm
in my gadget war to get the remote username. Is there not a better way
to do this?
14 years, 11 months
