Well, I don't use ACLs so I don't know if they can be used to match the
principal against the first argument, but one thing is sure: I don't
pass the userid anymore as the first parameter, but as the second, as
the first parameter to the secured object is now the
ServletEndpointContext, as
I need to do canonicalization of the native userid after authorization
and
cache the result in the HttpSession.


-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf
Of Ben Alex
Sent: Sunday, August 21, 2005 11:38 AM
To: acegisecurity-developer@lists.sourceforge.net
Subject: Re: [Acegisecurity-developer] missing voting facilities?

Andy Depue wrote:

>I wonder, though, if the ACL functionality would be a 
>better solution for this sort of thing?  The Voter we created below was
just 
>a quick hack, really.
>  
>
The BasicAclVoter is designed to locate the first domain object argument

in a method invocation, and then lookup the ACLs from AclManager. You 
then specify which bit masks are acceptable and these are searched for 
in the resulting ACLs. I am interested whether this approach would be 
sufficient to meet Andy and Fernando's needs.

Cheers
Ben


-------------------------------------------------------
SF.Net email is Sponsored by the Better Software Conference & EXPO
September 19-22, 2005 * San Francisco, CA * Development Lifecycle
Practices
Agile & Plan-Driven Development * Managing Projects & Teams * Testing &
QA
Security * Process Improvement & Measurement *
http://www.sqe.com/bsce5sf
_______________________________________________
Home: http://acegisecurity.sourceforge.net
Acegisecurity-developer mailing list
Acegisecurity-developer@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer


-------------------------------------------------------
SF.Net email is Sponsored by the Better Software Conference & EXPO
September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices
Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA
Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
_______________________________________________
Home: http://acegisecurity.sourceforge.net
Acegisecurity-developer mailing list
Acegisecurity-developer@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer

Reply via email to