|
You can check your method parameters in a
voter, so yes you can do this. But I don’t know of a way to do it
declaratively like you have posted. From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Doody, John Yes, we already thought about distinct
methods. However, is this possible with Acegi? And if
yes, does anyone have an example configuration? thanks, John ________________________________ Rather than complicate things, you may just want to break the method into 2: createBusinessAccount and createConsumerAccount since you obviously have different business rules regarding them. ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Doody, John Sent: Tuesday, April 26, 2005 5:01 PM To: [EMAIL PROTECTED] Subject: [Acegisecurity-developer] Securing methods to the parameter level I"m new to Acegi Security and I"m evaluating how it works and at the moment I"m not finding a way to declare method-level security with differing parameters. Is this possible with Acegi Security? To attempt to make my question clearer, here is an XML snippet of what I"m attempting: <property name="objectDefinitionSource"> <value> com.example.Service.createAccount(AccountType.BUSINESS)=ROLE_SUPER_USER com.example.Service.createAccount(AccountType.CONSUMER)=ROLE_USER </value> </property> I"ve got the same method which allows for different parameters. I don"t want a principle with a ROLE_USER authority to access the method if they attempt to create a business account with the following method call: com.example.Service.createAccount(AccountType.BUSINESS) Thank you for the help. John |
Title: Message
- [Acegisecurity-developer] RE: Securing methods to the parame... Doody, John
- March, Andres
