[jboss-user] [JBoss Portal] - Re: Portlet Security Constraints
do-not-reply at jboss.com
Mon Aug 25 12:18:22 EDT 2008
The Admin Console is fine except for the need for this to be automated from deployment scripts and reproducible w/o manual intervention.
Our solution is going to be implementing an automated mapper for building out our individual portlet-instances.xml permissions across the dozen or so portlet application WARs that are in our deployment package.
Will be adding this to the list along with a *-object.xml topology exporter utility.
On a purely academic level, it doesn't make a lot of sense to be binding the instance security configs with the web app deployment file in a portal framework/topology. This situation is an excellent example why, actually... we have four separate "portals" being hosted on one server but sharing certain generic components. If one portal's security profiles and portlet permissions need modification it will mean a re-deployment of the entire EAR, rather than just a secodary configuration WAR (like what we're doing with managing topology in a separate WAR). Based on experience with a number of other portal frameworks this level of separation can be very valuable when measuring risk/impact of deployment execution.
Thanks for the info!
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4172365#4172365
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4172365
More information about the jboss-user