Hey all,
I saw Davids ColdSpring presentation at the conference and Im wondering if having an Advisor to control security is a useable option for me.
I'm loading a structure of events with event name as the key and roles as the value into the application scope. My user object stored in session contains the users roles. At the beginning of each request I check to see if the user exists and is logged in then compare the users roles to the roles of the event they are asking for and redirect to error message if they dont have permission.
I have an empty BeforeAdvice set up and working but I'm not able to wrap my head around an implementation for my security process.
Im using MG Unity. Any high level suggestions?
