Hello,
We have a need to permission navigation items and portlets for anonymous users (i.e. before the users authenticate). We currently do that more for personalization than security, i.e. we give access to pages based on the incoming user's locale.
To achieve this we have portal users for each locale that we want to support. Then in SSOUsernameRetriever we select the appropriate user based on the incoming locale. Finally, those users belong to groups corresponding to the country and languages and we use those groups for permissions.
We need to add more criteria than just the locale. We could continue to add more users for each combination of locales and these new criteria values but I'm wondering if there is a better way to achieve this. The objective is to have groups that we can use to permission nav items/portlets in a fine-grained way based on those criteria.
I'm wondering if anybody has similar needs and what kind of solutions they could come up with.
Thanks,
Slawek Zachcial
