Re: [Acegisecurity-developer] Acegi & population of database tables

Wed, 22 Jun 2005 01:41:22 -0700 

Hello Ben,
  thanx!! in meantime i read more acegi docs and i managed to figure
out how to populate tables, so things are more or less pretty clear
now..
thanx and regards
 marco

On 6/22/05, Ben Alex <[EMAIL PROTECTED]> wrote:
> Marco Mistroni wrote:
> 
> >for both contactManagerSecurity and  TransactionInterceptor.
> >I assume they have something to do with autohrization using
> >MethodInterceptor, but i cannot figure out the meaning, for example,
> >of
> >sample.contact.Contact:1 for object_identity column in
> >acl_object_identity, and i can't understand what is the purpose of the
> >acl_permission table, in particular the mask column and acl_object
> >identity
> >
> >Can anyone give me some explanation on how the acl_permission and
> >acl_object_identity should be populated?
> >
> >
> >
> Hi Marco
> 
> Have you had a change to review the reference documentation at
> http://acegisecurity.sourceforge.net/docbook/acegi.html#acls?
> 
> If we take the sample data:
> 
> INSERT INTO acl_object_identity VALUES (1, 'corp.DomainObject:1', null, 
> 'net.sf.acegisecurity.acl.basic.SimpleAclEntry');
> INSERT INTO acl_object_identity VALUES (2, 'corp.DomainObject:2', 1, 
> 'net.sf.acegisecurity.acl.basic.SimpleAclEntry');
> INSERT INTO acl_object_identity VALUES (3, 'corp.DomainObject:3', 1, 
> 'net.sf.acegisecurity.acl.basic.SimpleAclEntry');
> INSERT INTO acl_object_identity VALUES (4, 'corp.DomainObject:4', 1, 
> 'net.sf.acegisecurity.acl.basic.SimpleAclEntry');
> INSERT INTO acl_object_identity VALUES (5, 'corp.DomainObject:5', 3, 
> 'net.sf.acegisecurity.acl.basic.SimpleAclEntry');
> INSERT INTO acl_object_identity VALUES (6, 'corp.DomainObject:6', 3, 
> 'net.sf.acegisecurity.acl.basic.SimpleAclEntry');
> 
> INSERT INTO acl_permission VALUES (null, 1, 'ROLE_SUPERVISOR', 1);
> INSERT INTO acl_permission VALUES (null, 2, 'ROLE_SUPERVISOR', 0);
> INSERT INTO acl_permission VALUES (null, 2, 'marissa', 2);
> INSERT INTO acl_permission VALUES (null, 3, 'scott', 14);
> INSERT INTO acl_permission VALUES (null, 6, 'scott', 1);
> 
> 
> What is basically happening is acl_object_identity represents a domain
> object instance. corp.DomainObject:1 is the Java classname + ":" +
> identifier of the domain object instance. So that inheritance works, the
> acl_object_identity table identifies the parent acl_object_identity
> record (or null if it has no parent). Accordingly, in the above example,
> DomainObject #2 and #3 and #4 all share the same parent, DomainObject #1.
> 
> There is a one-to-many relationship between acl_object_identity and
> acl_permission. ie one acl_object_identity has many acl_permissions. In
> the example above, DomainObject #2 has two acl_permissions (for
> "ROLE_SUPERVISOR" and "marissa").
> 
> The acl_permission table specifies which acl_object_identity record it
> applies to, the "recipient" (usually a username or role name), and the
> integer mask that applies. So if we take the last acl_permission example
> above, it applies to acl_object_identity #6, and gives "scott" the
> permissions identified by integer mask 1.
> 
> Hope this clears things up.
> 
> Ben
> 
> 
> -------------------------------------------------------
> SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
> from IBM. Find simple to follow Roadmaps, straightforward articles,
> informative Webcasts and more! Get everything you need to get up to
> speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click
> _______________________________________________
> Home: http://acegisecurity.sourceforge.net
> Acegisecurity-developer mailing list
> Acegisecurity-developer@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
>


-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_idt77&alloc_id492&op=click
_______________________________________________
Home: http://acegisecurity.sourceforge.net
Acegisecurity-developer mailing list
Acegisecurity-developer@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer

Reply via email to