[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [wsrp-wsia] [change request #140] Add PortletDescription.onlySecure?
Document: Spec Section: 5.1.11 Page/Line: 20/14 Requested by: Mike Freedman Old text: New text: [O] boolean onlySecure Reasoning: At the last F2F we removed setting of security requirements from none, some, all in deference for only supporting some. There is value to the consumer in knowing that a portlet runs entirely in secure mode -- e.g. a portal may signify this portlet in a special way in the portlet respository/toolbox and only allow it to be added to "secure" pages. Shouldn't we allow a portlet to signify this? Note: doing so puts us in tighter alignment with JSR 168 which allows this information to be declared/specified. [RT] My understanding of the F2F discussions was that one only needed to know the security for the "default" markup (e.g. for the initial page). After that, the page must be secure if any of the portlets has a current indication that secure communication is required and is allowed to be unsecure only if there are no portlets with such current indicators.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC