Defining portlet security constraints
Security constraints are a declarative way of associating the intended protection to portlets. A constraint consists of two elements: Portlet collection and User data constraint.
The following actions can be performed in the Portlet Deployment Descriptor editor:
- Add or remove security constraints to associate the intended protection with specific portlets.
- Specify portlets to be protected in the
Portlet Collections list box.
- Specify requirements for the transport layer for the portlet collection in the
User Data Constraint.
For more information about each element, refer to the following description.
Property Name Description Details
- Language
- Language information to localize the display name. This value is used in the xml:lang attribute.
- Display name
- A name used to identify the security constraint.
Portlet Collections Portlet names that describe a set of resources to be protected. All requests targeted to portlets listed in the portlets collection are subject to the constraint. Click the
Add or
Remove button to add or remove portlets. For the selected portlet collection, you can edit the portlet name. Added as <portlet-name> elements in a <portlet-collection> attribute.
User Data Constraint A user data constraint describes requirements for the transport layer for the portlets collection.
- Type
- Used in the <transport-guarantee> element in the <user-data-constraint> attribute.
- None
- Any transport guarantees are not required.
- Integral
- Requires the content integrity (preventing data tampering in the communication process).
- Confidential
- Requires the confidentiality (preventing reading while in transit).
- Language
- Language information used in the xml:lang attribute to localize the description.
- Description
- A descriptive text about the user data constraint. Used in <description>.