Ok, i think we'll use add and drop activeRoles to limit the activated roles... but we can't avoid the fact that our app has to maintain an association of users, roles and location, can we??
Thank you very much... 2014-12-12 11:20 GMT-02:00 Shawn McKinney <[email protected]>: > > > On 12/12/2014 07:04 AM, Shawn McKinney wrote: > > Or, if you want to get your feet wet programming in fortress you can add > a new role activation validator. Follow the example for LockDate, Date, > Time, etc located in the util/time package. Your validator must implement > the Validator interface and you must register the validator with the > fortress runtime by adding it to the fortress.properties and making your > binaries available to the classpath: > > > > > temporal.validator.n=mylocationchecker:com.mycompany.security.LocationChecker > > > > where n = n+1 the highest number of previous validator and class name is > the class you coded. You could store location info in the user properties > for a particular user. > > correction, here is the syntax for the registration in fortress.properties: > > temporal.validator.n=org.myorg.security.MyLocationChecker > > where n = n+1 the highest number of previous validator and class name is > the class you coded - org.myorg.security.MyLocationChecker. >
