-
1. Re: Issue in defining role based category display in JBOSS f
unibrew Aug 4, 2006 12:14 PM (in response to rahulm)http://wiki.jboss.org/wiki/Wiki.jsp?page=ForumsPortletInPortal22DevelopementStatus
Should help :-).
------------------------
Ryszard Kozmik
JBoss Labs Team -
2. Re: Issue in defining role based category display in JBOSS f
rahulm Aug 4, 2006 12:23 PM (in response to rahulm)Thanks for the quick reply...
I did add the entries in to portlet.xml like
<security-role-ref>
<role-name>ForumsAttachments</role-name>
<role-link>Marketing</role-link>
</security-role-ref>
<security-role-ref>
<role-name>ForumsUser</role-name>
<role-link>Marketing</role-link>
</security-role-ref>
I also added entry to jboss-portlet.xml like
/Marketing
<permission-name>AddForumInCategory</permission-name>
<role-name>Marketing</role-name>
Now I can view all the categories which i do not want.
For a marketing role it should anly show me the marketing-category forum and posts.
How can I achieve that? -
3. Re: Issue in defining role based category display in JBOSS f
rahulm Aug 4, 2006 12:25 PM (in response to rahulm)This is the entry I added to jboss-portlet.xml
/Marketing
<permission-name>AddForumInCategory</permission-name>
<role-name>Marketing</role-name>
is it fine or i have to add more entries to achieve the functionality. -
4. Re: Issue in defining role based category display in JBOSS f
rahulm Aug 4, 2006 1:38 PM (in response to rahulm)this is the entry in jboss-portlet.xml to give permission to marketing role only to the Marketing forum.
/Marketing
<permission-name>AddForumInCategory</permission-name>
<role-name>Marketing</role-name>
It is still not allowing marketing role users to post reply to this specific category. -
5. Re: Issue in defining role based category display in JBOSS f
bdaw Aug 4, 2006 3:04 PM (in response to rahulm)Current Forums Portlet is not under development, and has very simplified security implementation (as described in wiki). You cannot setup role based access to specified categories.
What is misleading is that security stuff in jboss-portlet.xml is not used and should be removed. Only settings in portlet.xml are used. Sorry for that...
Currently whole Forums Portlet is being rewritten in JSF and should be released soon.
So what you can do is implementing by yourself as it is OSS. You can find all security checks in:
org.jboss.portlet.forums.ForumsPortlet
What you look for is:
ForumsTools.hasPermission(.....)
method call.
Or wait for new shining Forums Portlet JSF implementations with pluggable security model ;)