6 Replies Latest reply on Apr 19, 2006 11:16 AM by patrickdalla

    Dynamic Role for portlets

    patrickdalla
    patrickdalla Apr 12, 2006 2:14 PM

      It is only possible to verify that a user is in a Role (portletRequest.isUserInRole(String)) if that role was defined in portlet.xml.

      But on of my portlets implementation is used many times in my portal, each with a diferent portlet instance in diferent pages.

      For each of this page, a diferent role is responsible for administration.

      How can I define this?

      And if I want to specify roles at run time?

      • 2419 Views
      • Tags:
        • 1. Re: Dynamic Role for portlets
          patrickdalla
          patrickdalla Apr 12, 2006 2:17 PM (in response to patrickdalla)

          This was a problem in JBoss Portal 2.0 and persists in JBoss Portal 2.2.

          More specifically in the class PortletRequestImpl

          public boolean isUserInRole(String roleName)
 {
 // Get the map role name to role link
 Map securityRoleRefsMap = ((PortletContainer)creq.getComponent()).getSecurityRoleRefsMap();

 // Process the role link
 String roleLink = (String)securityRoleRefsMap.get(roleName);
 if (roleLink == null)
 {
 if (securityRoleRefsMap.containsKey(roleName))
 {
 // The role name exist without a role link value
 return securityContext.isUserInRole(roleName);
 }
 else
 {
 // No role name is defined
 return false;
 }
 }
 else
 {
 // We have the role link value
 return securityContext.isUserInRole(roleLink);
 }
 }


          note that if the role is not in "securityRoleRefsMap" the method return false.

            • Actions
          • 2. Re: Dynamic Role for portlets
            patrickdalla
            patrickdalla Apr 17, 2006 12:50 PM (in response to patrickdalla)

            No response? No way?

              • Actions
            • 3. Re: Dynamic Role for portlets
              cpage Apr 17, 2006 2:00 PM (in response to patrickdalla)

              you can add security constraints to the windows (which are link with an instance of a portlet)

              then, use a roleModule to check if the user has this role.

                • Actions
              • 4. Re: Dynamic Role for portlets
                patrickdalla
                patrickdalla Apr 18, 2006 2:13 PM (in response to patrickdalla)

                Didin't linked this implementation.

                I think my portlet should be decoupled of RoleModule implementation.

                I need a way that the method isUserInRole of PortletRequest works.

                  • Actions
                • 5. Re: Dynamic Role for portlets
                  patrickdalla
                  patrickdalla Apr 18, 2006 2:14 PM (in response to patrickdalla)

                  Didn't liked this implementation.

                  I think my portlet should be decoupled of RoleModule interface.

                  I need a way that the method isUserInRole of PortletRequest works.

                    • Actions
                  • 6. Re: Dynamic Role for portlets
                    patrickdalla
                    patrickdalla Apr 19, 2006 11:16 AM (in response to patrickdalla)

                    I've utilized JaasSecurityManager for Role membership verification.

                    try{
 InitialContext ic = new InitialContext();
 jsm = (JaasSecurityManager) ic.lookup("java:jaas/portal");
}catch(Exception e){
}


                    But these way, my portlet will need to know the name of the JaasSecurityManager bindend for Jboss Portal.

                    I would like a transparent way.

                      • Actions