To this point, your guestbook application is able to create guestbooks and guestbook entries and store them as data to the database. However, everyone that visits your site has the ability to do this, which could present problems as an administrator. Most of the time, you’ll want some of the data in your guestbook application protected from random users on the web. For instance, you may want to enable some users to add guestbook entries, while preventing others from doing so.

In the first half of this learning path, you’ll learn how to implement Liferay’s permissions system in your guestbook portlet following JSF best practices. The default permissions scheme will allow users to view guestbooks and enter guestbook entries, while preventing anonymous web-browsing users from doing either. Also, regular users should not be allowed to add guestbooks, so you’ll implement permissions that only give administrators the ability to create new guestbooks.

In the second half of this learning path, you’ll dive further into permissioning with JSF portlets by bolstering a user’s permissions options. This will include adding resources to the Guestbook portlet’s service layer and creating new Java wrapper classes.

Overall, you’ll learn just how easy it is to implement security for a JSF application in Liferay Portal, and transfer permissioning into your own applications. Time to get started!

Configuring a Basic Permissions Scheme

The first thing you need to do is create a configuration file that defines permissions you want inside your application. This main configuration file can have any name, but as a best practice, is...

Read More

Adding Permissions Resources to the Service Layer

Up to this point, you’ve successfully configured permissions checking for your Guestbook portlet. However, you’re portlet is not currently able to store permissions to the database. This means, in...

Read More

Extending the Permissions Scheme with Wrapper Classes

When extending a portlet’s permissions scheme, it’s best practice to create wrapper classes that extend your model entity wrappers. This gives your permissions methods a unique place to reside. By...

Read More

Updating the UI with Extended Permissions Scheme

Now that you have your permissions scheme configured to handle individual entities, it’s time to add a permissions method that can be called from your master view. You’ll create a method that...

Read More
0 (0 Votes)
Implementing a UI with JSF Views Previous