The Proposals Wiki has been deprecated in favor of creating Feature Requests in JIRA. If you wish to propose a new idea for a feature, visit the Community Ideas Dashboard and read the Feature Requests Wiki page for more information about submitting your proposal.
« Back to 2012 Google...

IP-Based Roles

Project Title #

IP-Based Roles

Background #

In Liferay, a Role is a collection of permissions that can be "given" or assigned to one or more users. Once a user is "given" a role, she can do whatever the contained permissions allow her to do, such as edit a page, or delete a message board post.

There are three kinds of roles:

  1. Portal Roles
  2. Organization Roles
  3. Community Roles

These are called role scopes. Roles are used to define permissions across their scopes: across the portal, across an organization, or across a community. For example, consider a role which grants access to create a Message Board category. A Portal role would grant that access across the portal, wherever there was a Message Board portlet. A Community role would grant that access only within a single community. An Organization role would grant that access only within an Organization.

Currently, Users, User Groups, Communities, or Organizations can be members of a role.

Use Cases #

  • Users connecting to a corporate homepage based on Liferay from the corporate intranet (e.g. a hard-wired port in a corporate office) should be presented with an intranet login form. Users coming to the site from the DMZ (such as a publically available wireless network on a company campus) should get public-only content and no ability to login or access private information.

The Problem #

Currently, roles can only be assigned to entities such as Users, User Groups, Communities, or Organizations. But before a user provides any credentials, there is no way of knowing who they are or what they should be able to access. It would be useful if users in a specific network category (Based on IP) could be automatically given one or more roles to help in content serving before they even log in.

The Solution #

For this project, a configurable range of IP addresses can be assigned a particular Role. When a user comes to the site from a given IP address, it is checked against the configured list, and if a match is made, that user is dynamically given the role(s) specified.

Skills Needed #

  • Required: Java, JSP, Networking
  • Nice to have: Struts, Liferay

Prerequisites #


Deliverables #

  • Complete code changes to Liferay Portal 6.0.6 to allow administrators to assign one or more range of IP addresses to one or more pre-configured portal roles.
  • Unit tests for all new and changed code.
  • Documentation required to configure this option..

References #

Related Issues #


External References #


0 Attachments
Average (0 Votes)
The average rating is 0.0 stars out of 5.