Hao Chen wrote:
I thing I can
think of is to change the GrantedAuthorities
dynamically for every request based on which workspace
the user is trying to access. Will this work?
That will work, but it means you will be using AuthenticationManager
again for every request and you will need to be careful not to use the
normal caching.
It is far simpler in your case to write a custom AccessDecisionVoter
that can read the current workspace (either from an argument to the
secure method invocation or from a ThreadLocal) and then only consider
the GrantedAuthority[]s that are applicable for that workspace. It's
quite easy to do it, and you can use the existing RoleVoter as a guide.
Best regards
Ben
-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
_______________________________________________
Home: http://acegisecurity.org
Acegisecurity-developer mailing list
Acegisecurity-developer@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
