2、配置一个居于IFrame的应用:
1、 引入jar包:jetspeed-components-2.0.jar jetspeed-rewriter-2.0.jar jetspeed-web-content-2.0.jar portals-bridges-velocity-1.0.jar portals-gems-2.0.jar (注:可以使用demo应用的lib)
2、 在portal.xml文件中配置一个portlet:
3、 配置对应的.psml文件,如下:
|
3、
jetspeed2的登陆权限验证完全居于JAAS,其配置文件是在jetspeed应用lib库中的jetspeed-security-<version>.jar中的login.conf文件中定义的,如果想替换成自己的验证模式,可以修改此配置文件,如下:
Jetspeed { org.apache.jetspeed.security.impl.DefaultLoginModule required; }; |
请注意,自己加的login.conf配置文件可以放在WEB-INF/classes目录下的任何位置,并且修改WEB-INF/assembly目录下的security-providers.xml文件相应的login.conf文件的新位置。
4、
JAAS的subject主要用来表示一个应用主体对象(用户),此对象有一个或多个用来标识其身份的Principals,如名字(name principal)或者身份证号(SSN principal),principal是用来唯一标识此subject,以区别于其他的subject的。原文如下:
To authorize access to resources, applications first need to authenticate the source of the request. The JAAS framework defines the termsubject to represent the source of a request. A subject may be any entity, such as a person or a service. Once the subject is authenticated, a javax.security.auth.Subject is populated with associated identities, or Principals. A Subject may have many Principals. For example, a person may have a name Principal ("John Doe") and a SSN Principal ("123-45-6789"), which distinguish it from other subjects.
|