站内搜索: 请输入搜索关键词
当前页面: 在线文档首页 > JBoss Portal 2.6 Reference Guide 英文版参考指南文档

Chapter 11. Security - JBoss Portal 2.6 Reference Guide 英文版参考指南文档

Chapter 11. Security
Prev   Next

Chapter 11. Security

Roy Russo

11.1. Securing Portal Objects

This section describes how to secure portal objects (portal instances, pages, and portlet instances), using the JBoss Portal *-object.xml descriptor OR portlet-instances.xml descriptor. View the User Guide for information on how to secure objects using the Management Portlet.

Securing portal objects declaratively, is done through the *-object.xml ( Section 6.1.1, “*-object.xml” ), for Portal Instances and Pages, or the portlet-instances.xml ( Section 6.1.2, “portlet-instances.xml” ) for Portlet Instances. The portion you will be adding to each object is denoted by the <security-constraint> tag: 

<?xml version="1.0" encoding="UTF-8"?>
<deployments>
   <deployment>
      <if-exists>overwrite</if-exists>
      <parent-ref>default</parent-ref>
      <properties/>
      <page>
         <page-name>MyPage</page-name>
         <window>
            <window-name>HelloWorldPortletPageWindow</window-name>
            <instance-ref>HelloWorldPortletPageInstance</instance-ref>
            <region>center</region>
            <height>0</height>
         </window>
         <security-constraint>
            <policy-permission>
               <unchecked/>
               <action-name>viewrecursive</action-name>
            </policy-permission>
         </security-constraint>
      </page>
   </deployment>
</deployments>

A security constraint on an object (our example above, secures a specific portal page), is explained as: 

<security-constraint>
   <policy-permission>
      <unchecked/>
      <action-name>viewrecursive</action-name>
   </policy-permission>
</security-constraint>

The security contraint portion is worth taking a look at, in an isolated fashion. It allows you to secure a specific window/page/portal-instance based on a user's role.

Role definition: You must define a role that this security constraint will apply to. Possible values are:

  • <unchecked/> Anyone can view this page.
  • <role-name>SOMEROLE</role-name> Access to this page is limited to the defined role.

Access Rights: You must define the access rights given to the role defined. Possible values are:

  • view Users can view the page.
  • viewrecursive Users can view the page and child pages.
  • personalize Users are able to view AND personalize the page.
  • personalizerecursive Users are able to view AND personalize the page AND its child pages.

We provide three live samples of this descriptor, here Section 6.1.2, “portlet-instances.xml” , Section 6.3.1, “Defining a new portal page” ,and Section 6.3.2, “Defining a new portal instance”

Prev Up Next
Chapter 10. Web Services for Remote Portlets (WSRP) Home Chapter 12. CMS Portlet