|
Home > Archive > WebSphere Portal Server > July 2005 > PortletRequest.isUserInRole() ?
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
PortletRequest.isUserInRole() ?
|
|
| Jouni Rajala 2004-11-09, 7:48 am |
| We have configured security with ldap.
We see that user is in user group with ldap admin tools
and in portal administration page.
However when I try to call PortletRequest.isUserInRole("groupname")
I always get null as reply.
Is this supposed to work this way. I have tried it with
JSR168 and non-JSR168 portlets with same results.
--
Jouni Rajala
| |
| Jouni Rajala 2004-11-09, 7:48 am |
| >
> However when I try to call PortletRequest.isUserInRole("groupname")
> I always get null as reply.
>
Naturally I meant i get false as result. Was thinkin another problem
at same time 
| |
| Scott A. Roehrig 2004-11-09, 5:53 pm |
| I may be wrong, but I do not believe that WPS uses J2EE security roles to
manage access/authorization. The roles you are querying would be set in the
J2EE roles for the wps webapp I believe.
Scott
"Jouni Rajala" <jouni.rajala@systeemiratkaisu.fi> wrote in message
news:cmq5bi$svk$1@news.boulder.ibm.com...
>
> Naturally I meant i get false as result. Was thinkin another problem
> at same time
>
>
| |
|
| Im having the same problem .Please let me know
| |
| George Daswani 2005-07-27, 5:56 pm |
| It's one of those things IBM should have implemented.
For one, there are only 7 or so usable roles (they call it Role Types) on
the Portal.
The Seven: Administrator, Security Administrator, Delegator, Manager,
Editor, Priviledged User, User
The isUserInRole function is only useful if you are able to create, and add
new roles (which WPS doesn't allow you to do). Moreover, in order to make
it work properly, WPS needs to extend PortletRequest and override the
isUserInRole functions so that it dynamically checks (instead of the roles
being added as principals during login - static), morever - the role
aliasing (which is allowed by the JSR-168 specs) should also be supported.
What you'll end up doing is using groups as a placeholder for roles (yes, it
doesn't make sense), then using PUMA to do further authorization checks
inside your portlets.
G
<suneetha.avuthu@citigroup.com> wrote in message
news:1665438781.1122383262412.JavaMail.wassrvr@ltsgwas007.sby.ibm.com...
> Im having the same problem .Please let me know
|
|
|
|
|