Jetspeed 2 provides the four following high level security services:
UserManager: Service providing user management capabilities.
GroupManager: Service providing group management capabilities.
RoleManager: Service providing role management capabilities.
PermissionManager: Service providing permission management capabilities.
In order to access Jetspeed high level security services in your portlets, Jetspeed provide a custom
extension to the
portlet.xml metadata. All Jetspeed custom metadata is located in the
jetspeed-portlet.xml configuration file in the
WEB-INF folder of the portlet
application. The custom
js:services tag provides the ability to expose portal services
to a portlet through the
Jetspeed portal services are configured in the spring assembly file located in the portal
WEB-INF/assembly/jetspeed-services configuration file. The UserManager for instance
is configured as follow:
<!-- Portlet Services --> <bean id="PortalServices" class="org.apache.jetspeed.services.JetspeedPortletServices" > <constructor-arg> <map> ... <entry key="UserManager"> <ref bean="org.apache.jetspeed.security.UserManager"/> </entry> ... </map> </constructor-arg> </bean>
UserManager services is then available to be loaded in a specific portlet
PortletContext. Portlet developers need to specify the portal services they
would like to use. The following example shows how to expose the portal
to a portlet application:
<js:services> <js:service name='UserManager'/> </js:services>
Once a portal service is loaded in the portlet context, the portlet implementation (which typically
javax.portlet.GenericPortlet) can access the service as follow:
PortletContext context = getPortletContext(); userManager = (UserManager) context.getAttribute(CommonPortletServices.CPS_USER_MANAGER_COMPONENT);
CommonPortletServices.CPS_USER_MANAGER_COMPONENT = "cps:UserManager"