[Building Sakai] Security Service
Mame-Awa Diop
mame-awa.diop at hec.ca
Fri Feb 19 13:02:20 PST 2010
Hi David,
Here is a quick description of our problem: at HEC Montréal, we have
implemented the OpenSyllabus
<http://confluence.sakaiproject.org/display/OSYL/OpenSyllabus+Home>tool
to create and publish course outlines among other things. One of the
characteristics of our course outlines is that they can be hierarchical
(content sharing) . This means a course outline can inherit parts of its
content from other course outlines.
In the XML representing the course outline, we reference resources of
the Resources tool.
A security problem arises when the content inherited in the course
outline (site A) contains a reference to a resource in the parent
course outline (site B). The member of the course outline (site A) will
get a 403 error when he tries to access to this resource.
Until now I have seen 2 ways to solve the problem:
* Add the users of the course outline to the parent site with the
content.read permission: with this I need to do a lot a
synchronization.
* Extend the SecurityService to tell if to site are related by
course outlines, the member of the child site have special access
to the resources of the parent site: I don't know how to extend or
implement the SecurityService.
I hope it is clear, any suggestions or possibilities to extend the
kernel to accommodate us would be appreciated and we would be glad to help.
--
Mame Awa Diop
HEC Montréal
3000, chemin de la côte-Sainte-Catherine
Montréal (Québec) H3T 2A7
-------- Message original --------
Sujet : Re: [Building Sakai] Security Service
De : David Horwitz <david.horwitz at uct.ac.za>
Pour : sakai-dev at collab.sakaiproject.org
Date : 2010-02-19 15:17
> Hi Awa,
>
> Maybe you could share with us what you need to do, possibly so we can
> include it in a future kernel release?
>
> Regards
>
> David
>
> On 02/19/2010 10:15 PM, Mame-Awa Diop wrote:
>> Hi Lance,
>>
>> I tried the SiteAdvisors but they are not working for what I want to
>> do. I would help if the Indina guys how they proceeded to change
>> their SecurityService, I hope will respond to this mail.
>>
>> --
>>
>> Mame Awa Diop
>> HEC Montréal
>> 3000, chemin de la côte-Sainte-Catherine
>> Montréal (Québec) H3T 2A7
>>
>>
>>
>> -------- Message original --------
>> Sujet : Re: [Building Sakai] Security Service
>> De : Speelmon, Lance Day <lance at indiana.edu>
>> Pour : mame-awa.diop at hec.ca <mame-awa.diop at hec.ca>
>> Copie à : sakai-dev <sakai-dev at collab.sakaiproject.org>
>> Date : 2010-02-19 15:05
>>> I know Indiana uses a slightly modified SecurityService which
>>> consults with an external system. You might also take a look at
>>> SecurityAdvisors as an alternative. L
>>> *
>>>
>>> *
>>> *Lance Speelmon*
>>> Scholarly Technologist
>>>
>>> On Feb 19, 2010, at 12:23 PM, Mame-Awa Diop wrote:
>>>
>>>> Hello everybody,
>>>>
>>>> I was wondering to implement its own SecurityService. The code is
>>>> in the kernel and I suppose we are not supposed to modify it but
>>>> our need is omportant. I am particularly interested in modifying
>>>> the unlock method for the Resources. I would appreciate it if you
>>>> could tell me if it is possible and how to procede.
>>>>
>>>> Thanks
>>>>
>>>> Awa,
>>>> --
>>>>
>>>> Mame Awa Diop
>>>> HEC Montréal
>>>> 3000, chemin de la côte-Sainte-Catherine
>>>> Montréal (Québec) H3T 2A7
>>>>
>>>>
>>>> _______________________________________________
>>>> sakai-dev mailing list
>>>> sakai-dev at collab.sakaiproject.org
>>>> <mailto:sakai-dev at collab.sakaiproject.org>
>>>> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>>>>
>>>> TO UNSUBSCRIBE: send email to
>>>> sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of
>>>> "unsubscribe"
>>>
>>
>>
>> _______________________________________________
>> sakai-dev mailing list
>> sakai-dev at collab.sakaiproject.org
>> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>>
>> TO UNSUBSCRIBE: send email to sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of "unsubscribe"
> ------------------------------------------------------------------------
>
> _______________________________________________
> sakai-dev mailing list
> sakai-dev at collab.sakaiproject.org
> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>
> TO UNSUBSCRIBE: send email to sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of "unsubscribe"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20100219/6eaec521/attachment.html
More information about the sakai-dev
mailing list