Would anyone object to me moving the Permission classes  
(FolderPermission, PortletPermission, BaseJetspeedPermission etc...)  
back into /jetspeed-commons ? I cannot find a way to easily extend the  
permission system, something I could easily do in 2.1.3.
For example, from a portlet I would like to do a permission check from  
a portlet:

         try
         {
             // use standard Java security to do a permission check  
using the seed configuration
             AccessController.checkPermission(new  
ContactPermission(contact.getID(), "view"));
         }
         catch (Throwable t)
         {
             isContactViewable = false;
         }

But I have to derive my ContactPermission from BaseJetspeedPermission,  
living in the security jar

I am stuck right now with a 2.1.3 portal using AccountPermissions that  
won't port to 2.2, as well as the Contact example above in another new  
portal.

Additionally, I can only add permission/actions in my seed data that  
are validated by JetspeedAction's valid window states or portlet  
modes. Furthermore, for modes like "config" the actions *still* seem  
to be failing when loaded from permission-seed-data.

I would like to propose:

1. moving BaseJetspeedPermission and its derived classes to commons
2. being more lenient on actions (allow any valid string allowed by  
Java Permissions)