Jetspeed 2 provides the four following high level security services:
UserManager
: Service providing user management capabilities.
GroupManager
: Service providing group management capabilities.
RoleManager
: Service providing role management capabilities.
PermissionManager
: Service providing permission management capabilities.
In order to access Jetspeed high level security services in your portlets, Jetspeed provide a custom
extension to the portlet.xml
metadata. All Jetspeed custom metadata is located in the
jetspeed-portlet.xml
configuration file in the WEB-INF
folder of the portlet
application. The custom js:services
tag provides the ability to expose portal services
to a portlet through the javax.portlet.PortletContext
.
Jetspeed portal services are configured in the spring assembly file located in the portal
WEB-INF/assembly/jetspeed-services
configuration file. The UserManager for instance
is configured as follow:
<!-- Portlet Services --> <bean id="PortalServices" class="org.apache.jetspeed.services.JetspeedPortletServices" > <constructor-arg> <map> ... <entry key="UserManager"> <ref bean="org.apache.jetspeed.security.UserManager"/> </entry> ... </map> </constructor-arg> </bean>
The UserManager
services is then available to be loaded in a specific portlet
PortletContext
. Portlet developers need to specify the portal services they
would like to use. The following example shows how to expose the portal UserManager
to a portlet application:
<js:services> <js:service name='UserManager'/> </js:services>
Once a portal service is loaded in the portlet context, the portlet implementation (which typically
extends javax.portlet.GenericPortlet
) can access the service as follow:
PortletContext context = getPortletContext(); userManager = (UserManager) context.getAttribute(CommonPortletServices.CPS_USER_MANAGER_COMPONENT);
CommonPortletServices.CPS_USER_MANAGER_COMPONENT = "cps:UserManager"