Eric Ballet-Baz wrote:
Allow access if :
bar.foo.MyService.myMethod=ROLE_A AND (ROLE_B OR ROLE_C)
Any idea ?
Hi Eric
There were some past discussions on implementation ideas in connection
with this on the forums, so you might like to search there. In summary
there is no AccessDecisionManager that can do this at present. It
wouldn't be too hard to write one that looked like this:
ROLE_A,&&,(ROLE_B||ROLE_C,)
Notice the need to keep your configuration attributes comma-separated.
This is because your AccessDecisionManager will still delegate to
AccessDecisionVoters for each individual configuration attribute.
Cheers
Ben
-------------------------------------------------------
SF.Net email is Sponsored by the Better Software Conference & EXPO
September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices
Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA
Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
_______________________________________________
Home: http://acegisecurity.sourceforge.net
Acegisecurity-developer mailing list
Acegisecurity-developer@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
