The scenario you've presented is best solved by the query, not the
security layer. Your code should decide what the query parameters are
based on the current user. This is an extremely business dependent
decision.
For example, keeping it simple, let's say you have a
ContactDao.loadAll() method that returns a Collection of Contacts.
ContactDao {
Collection<Contact> findAll()
}
Your option here is to do some magical stuff with figuring out who the
current user is by looking in the SecurityContext, or you can put that
logic on the outside...
ContactDao {
Collection<Contact> findAllAllowed(User)
}
Fancy AOP based filtering and what not isn't always the answer :)
That being said, a friend of mine has done some work auto-limiting a
Hibernate Criteria query in our DAO layer. His work there is again
based on business logic appropriate to our application.
Now the other concern, why can't you build the 1.1 nightly?
Don't be suprised if someone comes along and says I'm totally wrong on
the above stuff :P
On 10/19/06, Ingo Siebert <[EMAIL PROTECTED]> wrote:
> Hi all,
>
> I'm needing the ACL feature for my application, because my database has
> a really huge number of instances(contacts for example).
>
> If a user requests all contacts, only the contacts which he has access
> to should be returned. A filtering after loading all contacts would be
> too inefficient. That's why i need a before-query filtering, which will
> be a WHERE clause in my opinion.
>
> Does the refactored ACL code (ACEGI 1.1) contains any new solution for
> my problem?
>
> Any good suggestions for ACEGI 1.0 are also very welcome.
>
>
>
> I'm using the nightly build of ACEGI 1.1
> (acegisecurity-2006-09-17-1686-src), but i see that the new ACL-Code
> (with ACE and so on) is only in the sandbox directory. When will this
> change?
> I can't build the nightly version and that's why i'm interested in
> compiled JAR files.
>
> Any help and ideas would be really wonderful.
>
> Cheers,
>
> Ingo
> --
> CRM Products Development - New Technologies
>
> CAS Software AG
> Well informed. Always and everywhere.
> www.cas.de
>
>
> -------------------------------------------------------------------------
> Using Tomcat but need to do more? Need to support web services, security?
> Get stuff done quickly with pre-integrated technology to make your job easier
> Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
> http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
> _______________________________________________
> Home: http://acegisecurity.org
> Acegisecurity-developer mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
>
-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Home: http://acegisecurity.org
Acegisecurity-developer mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
