Jetspeed 2 provides the four following high level security services:
UserManager
: Service providing user management capabilities.
GroupManager
: Service providing group management capabilities.
RoleManager
: Service providing role management capabilities.
PermissionManager
: Service providing permission management capabilities.
In order to access Jetspeed high level security services in your portlets, Jetspeed provide a custom
extension to the portlet.xml metadata. All Jetspeed custom metadata is located in the
jetspeed-portlet.xml configuration file in the WEB-INF folder of the portlet
application. The custom js:services tag provides the ability to expose portal services
to a portlet through the javax.portlet.PortletContext.
Jetspeed portal services are configured in the spring assembly file located in the portal
WEB-INF/assembly/jetspeed-services configuration file. The UserManager for instance
is configured as follow:
<!-- Portlet Services -->
<bean id="PortalServices"
class="org.apache.jetspeed.services.JetspeedPortletServices" >
<constructor-arg>
<map>
...
<entry key="UserManager">
<ref bean="org.apache.jetspeed.security.UserManager"/>
</entry>
...
</map>
</constructor-arg>
</bean>
The UserManager services is then available to be loaded in a specific portlet
PortletContext. Portlet developers need to specify the portal services they
would like to use. The following example shows how to expose the portal UserManager
to a portlet application:
<js:services>
<js:service name='UserManager'/>
</js:services>
Once a portal service is loaded in the portlet context, the portlet implementation (which typically
extends javax.portlet.GenericPortlet) can access the service as follow:
PortletContext context = getPortletContext();
userManager = (UserManager) context.getAttribute(CommonPortletServices.CPS_USER_MANAGER_COMPONENT);
CommonPortletServices.CPS_USER_MANAGER_COMPONENT = "cps:UserManager"