I'm new to Acegi
Security and I'm evaluating how it works and at the moment I'm not finding a way
to declare method-level security with differing parameters. Is this
possible with Acegi Security? To attempt to make my question
clearer, here is an XML snippet of what I'm attempting:
<property
name="objectDefinitionSource">
<value>
com.example.Service.createAccount(AccountType.BUSINESS)=ROLE_SUPER_USER
com.example.Service.createAccount(AccountType.CONSUMER)=ROLE_USER
</value>
</property>
<value>
com.example.Service.createAccount(AccountType.BUSINESS)=ROLE_SUPER_USER
com.example.Service.createAccount(AccountType.CONSUMER)=ROLE_USER
</value>
</property>
I've got the
same method which allows for different parameters. I don't want a
principle with a ROLE_USER authority to access the method if they attempt to
create a business account with the following method
call:
com.example.Service.createAccount(AccountType.BUSINESS)
Thank you
for the help.
John