PermissionManager Overview

The PermissionManager is used by the RdbmsPolicy to get the permissions for a given user's principals, as presented in the Jetspeed JAAS Policy section of the documentation.

The PermissionManager manages the association between permissions and principals. Each permission or principal maps to a generic object model, and reflection is used to instantiate the proper permission or principal type. The class diagram below shows the interfaces for a generic permission (InternalPermission) and a generic principal (InternalPrincipal) and their relation to the PermissionManager.

Each InternalPermission maps to one or more InternalPrincipal, and each InternalPrincipal can have one or more InternalPermission.
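
A sketch of the lookup described above, added here as an example and not Jetspeed's own code: generic rows are turned into java.security.Permission objects by reflection, and the permissions of all of a user's principals are collected into one set. Because the class name comes from stored data, the sketch confirms it names a Permission subclass before instantiating it. The StoredPermission record, the in-memory association map, the principal names and the (String name, String actions) constructor convention are assumptions.

```java
import java.lang.reflect.Constructor;
import java.security.Permission;
import java.security.Permissions;
import java.util.List;
import java.util.Map;
import java.util.Set;

public class PermissionLookupSketch {
    // Hypothetical generic row: class name, resource name and actions held as strings.
    record StoredPermission(String classname, String name, String actions) {}

    // Reflection step: turn a generic row into a concrete java.security.Permission.
    static Permission instantiate(StoredPermission row) throws ReflectiveOperationException {
        // Load without initializing, so no static initializer runs before the type check.
        Class<?> raw = Class.forName(row.classname(), false,
                PermissionLookupSketch.class.getClassLoader());
        // Throws ClassCastException when the stored name is not a Permission subclass.
        Class<? extends Permission> type = raw.asSubclass(Permission.class);
        Constructor<? extends Permission> ctor = type.getConstructor(String.class, String.class);
        return ctor.newInstance(row.name(), row.actions());
    }

    // Union of the permissions associated with every principal of one user.
    static Permissions permissionsFor(Set<String> principals,
            Map<String, List<StoredPermission>> associations) throws ReflectiveOperationException {
        Permissions granted = new Permissions();
        for (String principal : principals) {
            for (StoredPermission row : associations.getOrDefault(principal, List.of())) {
                granted.add(instantiate(row));
            }
        }
        return granted;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample data; principal names and rows are illustrative only.
        StoredPermission read = new StoredPermission("java.io.FilePermission", "/tmp/report.txt", "read");
        StoredPermission prop = new StoredPermission("java.util.PropertyPermission", "user.home", "read");
        Map<String, List<StoredPermission>> associations = Map.of(
                "/user/alice", List.of(read),
                "/role/manager", List.of(read, prop));
        Permissions granted = permissionsFor(Set.of("/user/alice", "/role/manager"), associations);
        System.out.println(granted.implies(new java.io.FilePermission("/tmp/report.txt", "read")));
        System.out.println(granted.implies(new java.io.FilePermission("/tmp/report.txt", "write")));
    }
}
```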

Schema and OJB Mapping

The OJB mappings for the security component are described in security_repository.xml:

  • InternalPrincipal: Maps to the SECURITY_PRINCIPAL table.
  • InternalPermission: Maps to the SECURITY_PERMISSION table.
  • Associations between InternalPrincipal and InternalPermission are maintained through the indirection table PRINCIPAL_PERMISSION.
<class-descriptor
    class="org.apache.jetspeed.security.om.impl.InternalPrincipalImpl"
    proxy="dynamic"
    table="SECURITY_PRINCIPAL"
>...</class-descriptor>

<class-descriptor
    class="org.apache.jetspeed.security.om.impl.InternalPermissionImpl"
    proxy="dynamic"
    table="SECURITY_PERMISSION"
>...</class-descriptor>

The relational schema maintaining principal to permission associations is provided below: