Matthew E.Porter wrote:
FWIW, we are handling something similar by using groups. The tend to
be easier for users to conceptualize.
I would agree with Matthew. It's going to be confusing for future
developers of your application if roles can aggregate other roles.
You'll also need to avoid infinite loops (eg ROLE_A = ROLE_B, ROLE_C,
but ROLE_B = ROLE_A, ROLE_D). Groups are a simple concept, which is
easily understood. Typically groups are implemented in an AuthenticationDao.
Cheers
Ben
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
Home: http://acegisecurity.sourceforge.net
Acegisecurity-developer mailing list
Acegisecurity-developer@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
