[ http://jira.andromda.org/browse/SPRING-97?page=comments#action_12029 ] Peter Friese commented on SPRING-97: ------------------------------------
Hi Kiran, I've got some more questions rearding the patch: 1) Until now, the Spring cartridge reads the roles of the service methods, meaning I can draw dependencies from an actor to a service method or even a whole service. As far as I can see, you use the tagged value acegiAclType to achieve something similar. Why do you want to drop support for actors? 2) Right at the end of applicationContext.xml.vsl, there is a block where you define beans for some static fields. In "Java Development with Spring", chapter 10 (Acegi Security), they refer to the static fields like this: <ref local="net.sf.acegisecurity.acl.basic.SimpleAclEntry.WRITE"/>. What is the benefit of the way you wrote it? Faster? Could you please attach a sample project using your patch, so I can have a closer look at what your intention is? This would be of great help. Thanks, Peter > Create methods in the serviceSecurityInterceptor from objects with a > "Service" stereotype and add a tagged value for the processConfigAttribute > ----------------------------------------------------------------------------------------------------------------------------------------------- > > Key: SPRING-97 > URL: http://jira.andromda.org/browse/SPRING-97 > Project: Spring Cartridge > Type: New Feature > Versions: 3.1RC1 > Reporter: Kiran Keshav > Assignee: Peter Friese > Attachments: SpringMetafacadeModel.xml.zip, patch.txt > > Add functionality to create all methods in the serviceSecurityInterceptor > based on methods in a service (objects modelled with a "Service" stereotype). > Add a tagged value to set the processConfigAttribute on each of these > methods (ie. ACL_FOOBAR_EDIT). This tagged value will be part of the > WebServiceOperation stereotype. > eg. > <bean id="serviceSecurityInterceptor" > class="net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor"> > <property name="authenticationManager"><ref > bean="authenticationManager"/></property> > <property name="accessDecisionManager"><ref > local="businessAccessDecisionManager"/></property> > <property name="afterInvocationManager"><ref > local="afterInvocationManager"/></property> > <property name="objectDefinitionSource"> > <value> > foo.bar.FooBarService.getAllFooBars=user, admin > foo.bar.FooBarService.updateFooBar=ACL_FOOBAR_EDIT > foo.bar.FooBarService.removeFooBar=ACL_FOOBAR_DELETE > </value> > </property> > </bean> ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
