I opened JIRA issue SEC-354 and attached a patch that has a label-based ACL voter including junit test cases. That way, you can grant uses labels of access, and then screen method calls based on the incoming labeled parameters, and decide if the user is authorized to carry out the method call.
Greg ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Home: http://acegisecurity.org Acegisecurity-developer mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
