[ http://jira.andromda.org/browse/SPRING-97?page=comments#action_12042 ] Chad Brandon commented on SPRING-97: ------------------------------------
Kiran, What we're saying is: please try to work within the existing way of modeling security (extend that). We (me especially) don't want to resort to providing all security through tagged values (especially since the existing way works for most stuff and is more intuitive). Since I haven't researched Acegi security I really have no idea what you're talking about when you say "role based voting". > Create methods in the serviceSecurityInterceptor from objects with a > "Service" stereotype and add a tagged value for the processConfigAttribute > ----------------------------------------------------------------------------------------------------------------------------------------------- > > Key: SPRING-97 > URL: http://jira.andromda.org/browse/SPRING-97 > Project: Spring Cartridge > Type: New Feature > Versions: 3.1RC1 > Reporter: Kiran Keshav > Assignee: Peter Friese > Attachments: SpringMetafacadeModel.xml.zip, patch.txt > > Add functionality to create all methods in the serviceSecurityInterceptor > based on methods in a service (objects modelled with a "Service" stereotype). > Add a tagged value to set the processConfigAttribute on each of these > methods (ie. ACL_FOOBAR_EDIT). This tagged value will be part of the > WebServiceOperation stereotype. > eg. > <bean id="serviceSecurityInterceptor" > class="net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor"> > <property name="authenticationManager"><ref > bean="authenticationManager"/></property> > <property name="accessDecisionManager"><ref > local="businessAccessDecisionManager"/></property> > <property name="afterInvocationManager"><ref > local="afterInvocationManager"/></property> > <property name="objectDefinitionSource"> > <value> > foo.bar.FooBarService.getAllFooBars=user, admin > foo.bar.FooBarService.updateFooBar=ACL_FOOBAR_EDIT > foo.bar.FooBarService.removeFooBar=ACL_FOOBAR_DELETE > </value> > </property> > </bean> ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
