Hi Areeb, Thanks for sharing your impressions!
You definitely need to look at Restlet 1.2 (being renamed to 2.0) and its new security API. For now we only have the specifications and the Javadocs as documentation: "Security API refactoring" http://wiki.restlet.org/developers/172-restlet/212-restlet.html Of special interest to you, you might want to check the Role, MethodAuthorizer and RoleAuthorizer classes in the "org.restlet.security" package. You might need to create your own Authorizer subclass though, which should be trivial. Best regards, Jerome Louvel -- Restlet ~ Founder and Lead developer ~ http://www.restlet.org Noelios Technologies ~ Co-founder ~ http://www.noelios.com -----Message d'origine----- De : Areeb [mailto:[email protected]] Envoyé : mardi 12 mai 2009 15:13 À : [email protected] Objet : Controlling access to resources Hello, I am new to Restlet and I like it because it really simplifies things without cutting out flexibility. I would like to know if the following feature is available and in which version, please: I want to restrict access to resources; this restriction is different for each type of user. For example if I have a resource called Orders and two different user types usertype1 and usertype2. I would like to enable usertype1 to do GET, PUT on the resource, but usertype2 for usertype2 to only do GET. Is there a way in which I can code these kinds of rules for all the resources? Or do I need to do this from scratch I’ve looked quickly into Guard in v1.1 and into v1.2 but they seem to be solving other problems. Thanx Regards, Areeb ------------------------------------------------------ http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2213010 ------------------------------------------------------ http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2261734
