The authorization SPI provides the implementation to support Jetspeed 2 users, roles and groups associations and the roles/groups hierarchy
policy. It provides the underlying mechanism to support the implementation of the
RoleManager
and
GroupManager
.
As described in the security overview , Jetspeed support hierarchical role based access control with configurable hierarchy policies.
First, let's have a look at a class diagram of the authorization SPI:
The authorization SPI implements the following components:
| Component | Description |
|---|---|
| org.apache.jetspeed.security.spi.SecurityMappingHandler | See security-spi-atz.xml configuration. |
| org.apache.jetspeed.security.HierarchyResolver | See hierarchy management. |
| org.apache.jetspeed.security.spi.RoleSecurityHandler | See security-spi-atz.xml configuration. |
| org.apache.jetspeed.security.spi.GroupSecurityHandler | See security-spi-atz.xml configuration. |