wood burning stoves 2.0*
The moose likes Portals and Portlets and the fly likes Recommended Security Architecture Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Java » Portals and Portlets
Bookmark "Recommended Security Architecture" Watch "Recommended Security Architecture" New topic
Author

Recommended Security Architecture

anyz mick
Greenhorn

Joined: Aug 09, 2004
Posts: 15
I am assigned a task to work on Portal based upon Portlet 2.0 that will be deployed on Tomcat using Jetspeed 2.2.1. However in future this must be deployable on other portlet servers like IBM WebSphere. In first step I have to work out the possible security model for the application. Major requirements for security:
- Based on some standard
- Easily portable to Websphere or other server
- Two step security model in which authentication is done on cooperate network (LDAP or domain controller for example) than authorizations will be controlled by portlet server

So security must not dependent or tightly coupled with Jetspeed specific features. My initial understanding user must exists in portlet server (Jetspeed on this case) to control the authorization stuff(who can access and what can do). What could be best way these server independent so that these can be ported easily to other servers. Or for each server we have to re-create user/groups/roles using sort of admin interface that server provides.

Thanks for time.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Recommended Security Architecture
 
Similar Threads
Need Info On Web Clipping and a Small Issue...
Websphere Portal - Test 399
Basic of Portlet
WebSphere Portal 348 - prime questions/answers
Portals in Action - Question