RE: [Acegisecurity-developer] why require an ADM

Tue, 05 Jul 2005 10:20:07 -0700 

I'm sure the overhead would barely register in an app of our size but it
just feels wrong.  Our authorities cannot be represented by a string
that is why we don't have the ROLE_X concept.  It is more of a PITA then
anything else but it seems kind of illogical to have a
NoOperationAccessDecisionManager.  Still it maybe just a unique
situation, so we'll deal with the extra config.  Thanks for the tip.

> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf
Of
> Ben Alex
> Sent: Friday, July 01, 2005 6:20 PM
> To: acegisecurity-developer@lists.sourceforge.net
> Subject: Re: [Acegisecurity-developer] why require an ADM
> 
> March, Andres wrote:
> 
> > When using an afterInvocationManager it may not always be necessary
or
> > possible to provide before invocation security, so why require an
> > ADM?  I just use one that is allows everyone and abstentions to pass
> > but it seems like a bit of overhead when all I really care about is
> > filtering the response data.  Am I missing something?
> >
> You could always write (assuming you haven't already, as it sounds
like
> from your email) a NoOperationAccessDecisionManager which implements
> AccessDecisionManager and just immediately returns from each method.
> Most people check the user has a ROLE_USER or similar in the
> AccessDecisionManager, to ensure the user is logged in before they
> invoke the method. I can't see that invocation adding much overhead to
> be honest - it's not being dynamically proxied or anything, it's just
> calling a method that immediately returns. Do you have some profiling
> that shows it's adding a lot of overhead to your app? If so we could
> possibly make it a switchable parameter on the
> AbstractSecurityInterceptor.
> 
> Cheers
> Ben
> 
> 
> -------------------------------------------------------
> SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
> from IBM. Find simple to follow Roadmaps, straightforward articles,
> informative Webcasts and more! Get everything you need to get up to
> speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click
> _______________________________________________
> Home: http://acegisecurity.sourceforge.net
> Acegisecurity-developer mailing list
> Acegisecurity-developer@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer


-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_idt77&alloc_id492&op=click
_______________________________________________
Home: http://acegisecurity.sourceforge.net
Acegisecurity-developer mailing list
Acegisecurity-developer@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer

Reply via email to