THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
Name | Externalize User and Permissions Management |
StatusProposal under development | Implemented in trunk for 4.1 |
Target Release | Roller Weblogger 4.1 |
Issue | |
Original Authors | Dave Johnson |
Proposal to make it possible to externalize user and permissions management so that Roller can be easily customized to pull user profile and role permissions information from a separate user management an external system.
1.0 Abstract
For ease of installation and management, Roller is able to manage it's own users and permissions without relying on any external system other than its RDBMS. We definitely don't want to lose that ability, but as Roller moves into enterprise scenarios where Directory Servers rule and social networking scenarios where user profile information is key we need to make some changes. For Roller to be sucessful in large organizations and social networks, we need to make it easy to integrate Roller with existing user management and permissions systems. The way to do that is to externalize user and permissions management, or rather to make it externalizable.
...
- Enable Roller to optionally read/write user profile information in an external system
- Enable Roller to optionally read/write user role information in an external systemEnable Roller to optionally read/write user-weblog and permission information in an external system instead of it's relational database.
- Increase the number of authentication/authorization options available in Roller by making it possible to configure Container Managed Authentication (CMA) and not only Acegi.
...
Here are the new properties:
| Code Block |
|---|
role.names=anonymous,editor,admin
role.actions.anonymous=comment
role.actions.editor=login,comment,createWeblog
role.actions.admin=login,comment,createWeblog,admin
|
...