title

Tiny Marbles CMS component model

The UML component model shows, which Java libraries are used, and gives an overview to the main dependencies. For the management of the dependencies we use Ivy, therefore please check the according Ivy files in the Tiny Marbles distribution for all detailed dependecies of the Java packages.

The 'Tiny Marbles CMS' consists of the following major packages:

  • WSM = website manager
  • CMS = content management
  • MUM = user management

uml_components_big.png

The complete set of modules from the view point of a developer for independent usage is called the 'Tiny Marbles Framework'. The framework is solid, well tested and is used in a variety of running public web applications.

Here an overview over the modules of the Tiny Marbles Framework:

Luigi
Luigi aims to provide Lucene's full-text search in a highly configurable and loosely coupled library. The engine provides a layer of services on top of Lucene that can be configured and managed through Spring beans. More information here.

Talos
Talos is an authorization engine designed for easy and efficient management of access rights. You can check access rights and change them in single-line commands, directly from the code, without dealing with external XML, policy files, and classpath. More information here.

Repository
The package 'repository' provides access to Hibernate using the DAO pattern. The generic repository handles for instance the database session, all basic database procedures like 'get', 'list', 'save', 'update' and generic result like a PagedResult.

Webcore
The package 'webcore' provides a set of useful basic methods for web application upon Struts, Spring and Freemarker. It also includes the packages 'Luigi', 'Talos' and the package 'repository'. On top of the module 'webcore' you can easily build new web applications based on Java with intuitive search, authorization and database access.

Usermanagement (MUM)
The package MUM includes the package 'webcore' and is not a framework anymore. It is a real web application with only one purpose: user, group, role, authorization and zone administration. You can work with MUM itself and you can create your own web application on top of MUM very easily based using the underlying Tiny Marbles Framework 'Luigi', 'Talos', 'repository' and 'webcore'.

Content manager (CMS)
The package CMS includes 'MUM' and therefore the complete underlying Tiny Marbles Framework: 'Luigi', 'Talos', 'repository', 'webcore' and 'MUM'. The content manager provides all features for the content administration. But you still have to take care about the website and the layout yourself.

Website manager (WSM)
The website management system (WSM) includes the package 'CMS'. The website manager provides all features to manage and display websites. Included are three basic layout schemes, called 'Flexible layout', 'Horizontal tab system' and 'Financial theme'. It is possible to work with the website manager out of the box. The website manager is called 'Tiny Marbles CMS'.


title

Security concept based on Talos

This section about 'Authorization' is addressed to developers who intend to customize Tiny Marbles CMS. The basic authorization concept of Tiny Marbles uses 'Zone', 'Group' and 'User'. The user inherits the permissions of the group, the group inherits the permissions of the zone. The groups can be organized as a group tree, the user can be assigned to a group node and inherits the permissions from the group nodes. The users inherits automatically all permissions of the parent group nodes as well. Therefore it is enough to grant permissions to the root group if all users of this particular tree should have the same permissions. In your code you simply pass the user, group and zone information of the signed in user to Talos, and ask if actions for the user are allowed. Actions could be for example: 'create an article', or 'delete a user' or 'upload an image'.

doc_um_zones01.png

  • You are able to grant or revoke permissions to the entities Zone, Group or User
  • In case you would like to check if 'create article of the type HTML is allowed' for a signed in user, you would write the following code using Talos: talos.withSubjectOr('Zone','Group01','Group02', 'User').andCategory('Article HTML').isAllowed('Create Article HTML');
  • The permissions of 'Zone', 'Group01', 'Group02', 'User' are related with 'OR': if at least one of these items has permission 'create' on 'articles' the return value is 'true'.
  • With that behaviour the user management provides inheritance. For example: we grant 'create' for the category 'articles' to the whole zone. Each member of the zone is allowed to 'create' new 'articles', even if the user himself doesn't have the permission.

title

Talos: Authorization Engine

From the developer point of view Talos is an authorization engine designed for easy and efficient management of access rights. You can check access rights and change them in single-line commands, directly from the code, without dealing with external XML, policy files, and classpath. Here you get further information about Talos:

PDF: Talos - An Expressive Authorization Engine

Check out the project Talos on SourceForge.


title

Luigi: Search adapter for Lucene

Luigi aims to provide Lucene's full-text search in a highly configurable and loosely coupled library. The engine provides a layer of services on top of Lucene that can be configured and managed through Spring beans. 

PDF: Luigi - search adapter for Lucene

Check out the project Luigi on SourceForge.


zovirax