[Acegisecurity-developer] method invocation not guarded when SecurityConfiguration forgotten

Joost de Vries Mon, 24 Jan 2005 09:48:13 -0800

Hi,

I'm using acegi to guard the security of our service layer pretty much
exactly like the BankManager sample. The annotations declare the
authorisations.
   /**
    * @@SecurityConfig("ROLE_SUPERVISOR")
    * @@SecurityConfig("RUN_AS_SERVER")
    */
   public void deleteSomething(int id);


If somebody forgets to annotate a method, though, it is accessible to
all. I want the reverse: access denied unless granted. How can I
change that?

Thanks for your help.

Joost de Vries
Netherlands


-------------------------------------------------------
This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting
Tool for open source databases. Create drag-&-drop reports. Save time
by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc.
Download a FREE copy at http://www.intelliview.com/go/osdn_nl
_______________________________________________
Home: http://acegisecurity.sourceforge.net
Acegisecurity-developer mailing list
Acegisecurity-developer@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer

[Acegisecurity-developer] method invocation not guarded when SecurityConfiguration forgotten

Reply via email to