Authorization/Security Mapping SPI Overview

The authorization SPI provides the implementation to support Jetspeed 2 users, roles and groups associations and the roles/groups hierarchy policy. It provides the underlying mechanism to support the implementation of the RoleManager and GroupManager .

As described in the security overview , Jetspeed support hierarchical role based access control with configurable hierarchy policies.

First, let's have a look at a class diagram of the authorization SPI:

Authorization SPI Components

The authorization SPI implements the following components:

Component Description See security-spi-atz.xml configuration. See hierarchy management. See security-spi-atz.xml configuration. See security-spi-atz.xml configuration.