Getting Jetspeed 2

1st get Subversion (svn) 2nd get the Source Code of the current Jetspeed 2 (it is not yet officially released, that's why there are no binaries yet.

Installation of Jetspeed 2

After downloading the Source Code from the Subversion repository, you need to follow the Getting Started: http://portals.apache.org/jetspeed-2/getting-started.html Unfortunately for beginners there is still some missing information in this Getting Started documentation. Hopefully this will get improved soon.

Security in Jetspeed 2

The security and user management in Jetspeed 2 is based on different columns. The access to different pages and folders is granted via "security-constrains" which can be found in different files. The structure of these files is hierarchic nature means that the files in subfolders of the "pages"-folder within Jetspeed 2 inherit the properties of their parent folder(s). Additionally it can be mentioned that the Portal Structure Markup Language (PSML) is a crucial part of the portal. So if you define security-constraints in the "page-security" file in the "pages" folder of "WEB-INF" you have different options for these security-constraints. For example you can define "global" or "declarative" security-constraints.

the page.security

This is an example for a jetspeed2 page.security, which is in the pages folder.

Example

<!-- define global admin constraints -->
  <security-constraints-def name="admin">
    <security-constraint>
      <roles>admin</roles>
      <permissions>view, edit</permissions>
    </security-constraint>
  </security-constraints-def>
  <global-security-constraints-ref>admin</global-security-constraints-ref>

This constraint is used by denies for the other users.

Example

<security-constraints>
  <security-constraint>
    <roles>users</roles>
  </security-constraint>
</security-constraints>

As you can see the "users" do not have any permissions to this file or folder. Next example is a declarative manager constraint.

Example

<security-constraints-def name="manager">
    <security-constraint>
      <roles>manager</roles>
      <permissions>view</permissions>
    </security-constraint>
  </security-constraints-def>

To give users with the role manager permission to a folder or a file use the following reference in your file as security constraint so that the permissions of the declarative constraint are adapted.

Example

<security-constraints>
  <!-- this is the reference -- >
  <security-constraints-ref>manager</security-constraints-ref>
</security-constraints>

There is another posibility to define security-constraints, completing the overview. You can combine different roles in one constraint, means that you can add different roles to one constraint for example the constraint "users" as you can see in the next example.

Example

<security-constraints-def name="users">
    <security-constraint>
      <roles>user, manager</roles>
      <permissions>view</permissions>
    </security-constraint>
  </security-constraints-def>
  • No labels