• Post Reply Bookmark Topic Watch Topic
  • New Topic

Recommended Security Architecture

anyz mick
Posts: 15
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am assigned a task to work on Portal based upon Portlet 2.0 that will be deployed on Tomcat using Jetspeed 2.2.1. However in future this must be deployable on other portlet servers like IBM WebSphere. In first step I have to work out the possible security model for the application. Major requirements for security:
- Based on some standard
- Easily portable to Websphere or other server
- Two step security model in which authentication is done on cooperate network (LDAP or domain controller for example) than authorizations will be controlled by portlet server

So security must not dependent or tightly coupled with Jetspeed specific features. My initial understanding user must exists in portlet server (Jetspeed on this case) to control the authorization stuff(who can access and what can do). What could be best way these server independent so that these can be ported easily to other servers. Or for each server we have to re-create user/groups/roles using sort of admin interface that server provides.

Thanks for time.
Gravity is a harsh mistress. But this tiny ad is pretty easy to deal with:
the new thread boost feature: great for the advertiser and smooth for the coderanch user
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!