Re: [Acegisecurity-developer] Fwd: Adding roles without editing the configuration

Thu, 30 Jun 2005 14:36:03 -0700 

Thx for the response, I see what you are saying, however, since we
don't have roles in the system today and isUserInRole is based on the
group the user belongs to I'm not sure how to handle this... could it
be a quick fix to add a 'known' role like 'USERS' to all users in the
system in the custom AuthenticationDAO? Or am I still missing
something?

-khp-

On 6/30/05, Ray Krueger <[EMAIL PROTECTED]> wrote:
> Do not confuse roles and groups.
> A role, is best thought of as a permission. Your application has
> groups of users. If you assign roles (permissions) to groups you can
> accomplish what you're looking for.
> 
> For example, A secured resource such as...
> /userlogin/*=Admin,SuperAdmin
> The permissions reuired to access /userlogin/* should never change,
> but how those permissions are distributed would.
> 
> You could have several groups that have Admin and/or SuperAdmin permissions...
> A "Chicago employees" group with the "Admin" role.
> A "System administrators" group with the "Admin and SuperAdmin" roles.
> 
> Here's some topics from the forum, I recommend doing some searching there...
> http://forum.springframework.org/viewtopic.php?t=4515
> http://forum.springframework.org/viewtopic.php?t=3668
> -Ray
> 
> 
> On 6/30/05, Kjetil Paulsen <[EMAIL PROTECTED]> wrote:
> > ---------- Forwarded message ----------
> > From: Kjetil Paulsen <[EMAIL PROTECTED]>
> > Date: Jun 30, 2005 8:09 PM
> > Subject: Adding roles without editing the configuration
> > To: [EMAIL PROTECTED]
> >
> >
> > Hi
> >
> > In our system we have the possibility to add roles (called
> > usergroups), Is there anyway to manage this in Acegi without adding
> > this role to the filter?
> >
> > Like now I have configured it like this:
> >
> > /userlogin/*=Admin,SuperAdmin
> > /admin/**=Admin,SuperAdmin
> > /secure.jsp=Admin,SuperAdmin
> > /**=ROLE_ANONYMOUS,Admin,SuperAdmin
> >
> > However, when I then add a usergroup called 'test' and a user called
> > 'test' in that group I can't log on because the group 'test' is not
> > any known role to Acegi and also not part of the ROLE_ANONYMOUS. And
> > of course we can't add each user created group to the xml config.
> >
> > Is this behaviour supportet by Acegi?
> >
> > /kjetilhp
> >
> >
> > --
> > -Many secrets of art and nature are thought by the unlearned to be magical-
> > ------------------------------------------------------------------------
> > | Kjetil H.Paulsen                    | Movegen 35, 2770 Jaren, Norway |
> > | kjetil AT java DOT no               | Cell: +47 951387575            |
> > | kjetil DOT paulsen AT gmail DOT com | http://kjetil.i.am             |
> > ------------------------------------------------------------------------
> >
> >
> > -------------------------------------------------------
> > SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
> > from IBM. Find simple to follow Roadmaps, straightforward articles,
> > informative Webcasts and more! Get everything you need to get up to
> > speed, fast. http://ads.osdn.com/?ad_idt77&alloc_id492&opclick
> > _______________________________________________
> > Home: http://acegisecurity.sourceforge.net
> > Acegisecurity-developer mailing list
> > Acegisecurity-developer@lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
> >
> 
> 
> -------------------------------------------------------
> SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
> from IBM. Find simple to follow Roadmaps, straightforward articles,
> informative Webcasts and more! Get everything you need to get up to
> speed, fast. http://ads.osdn.com/?ad_idt77&alloc_id492&opclick
> _______________________________________________
> Home: http://acegisecurity.sourceforge.net
> Acegisecurity-developer mailing list
> Acegisecurity-developer@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
> 


-- 
-Many secrets of art and nature are thought by the unlearned to be magical-
------------------------------------------------------------------------
| Kjetil H.Paulsen                    | Movegen 35, 2770 Jaren, Norway |
| kjetil AT java DOT no               | Cell: +47 951387575            |
| kjetil DOT paulsen AT gmail DOT com | http://kjetil.i.am             |
------------------------------------------------------------------------


-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_idt77&alloc_id492&op=click
_______________________________________________
Home: http://acegisecurity.sourceforge.net
Acegisecurity-developer mailing list
Acegisecurity-developer@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer

Reply via email to