portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Sean Taylor <d.tay...@onehippo.com>
Subject Re: Jetspeed Authorization
Date Wed, 19 Aug 2009 21:35:16 GMT

On Aug 19, 2009, at 2:15 PM, Deepak Kaimal wrote:

> David,
> Thank you for your response and I hope you enjoyed your vacation, I  
> am sure it was well earned.
> My aim was to create a Policy Enforcement Point (PEP) for J2 with  
> the OpenSSO server acting as the PDP and PAP. As we progressed, we  
> realized that the authorization components are distributed within  
> the J2 codebase and because of the different kinds of authorization  
> modes supported, it is not easy to pull just that component out.
> We have decided that letting J2 manage authorization internally is  
> probably more robust and performance optimized since there is no  
> easy and manageable way to plugin a new authorization system.
> Overall, I am now of the belief that authentication can be  
> centralized, but authorization is best handled natively.
OK... yes, we have the Java Security Policy based checks as well as  
Security Constraints. I still like the idea of having a central  
security accessor service as the dependency to all other services  
requiring high level authorization checks. I am considering creating a  
JIRA issue to complete this work, although Im quite busy right now  
coming, especially after returning from vacation :) and not sure when  
I can get to it

To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org

View raw message