|
Authentication
HyperContent 2 uses JAAS for authentication. While it is not the perfect design for web applications, it is a standard and it works. The built-in implementation looks for username & password in a user's user.xml file. This is NOT meant to be secure!
Authorization
HyperContent 1.x was able to leverage uPortal Groups and Permissions management for authorization. In 2.0, Permissions are stored in an XML file in a project's repository.
Groups
As yet unimplemented, groups will also be stored as an XML file in a project's repository.
The loss of uPortal Groups and Permissions is the single biggest "Con" in the evolution from 1.x to 2.0. Hopefully we will get them back someday!
|
| |