Spring Security covers the login and web security as well as the object level
security.

In terms of the login and web security, I wrote this stuff myself for
JCatapult. It was pretty simple in general, but the gist is that a Servlet
filter looks for a specific URL (i.e. /jcatapult-security-check) and then uses
a well-defined class to perform the login. You can also write a URI authorizer
to verify that a user has specific roles and which roles can access a
specific URI.

In terms of object level security, this is just a matter of writing a bit of
AOP to check the user's privileges prior to invoking a method. The way I handle
this is that during login, I stuff the User object into the session. On each
request, in my security filter, I pull it out and stuff it into a ThreadLocal.
Then, I just pull the User from the ThreadLocal and inspect it in a
MethodInterceptor based on an annotation on the method.

I find it is generally pretty simple to write all this stuff in a library that
I can re-use across projects. You can check out the code in the JCatapult
Security library to get an idea of how I did it all:

http://code.google.com/p/jcatapult/source/browse/#svn/jcatapult-security/trunk

-bp

On Dec 1, 2009, at 9:09 AM, severin wrote:
> What would be the best way to manage security and user roles with
> google guice ? (like spring security for example)
>
> Thank you for your answers !
>
> Severin
>
> --
>
> You received this message because you are subscribed to the Google Groups
> "google-guice" group.
> To post to this group, send email to [email protected].
> To unsubscribe from this group, send email to
> [email protected].
> For more options, visit this group at
> http://groups.google.com/group/google-guice?hl=en.
>
>
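
The session-to-ThreadLocal filter and annotation-driven MethodInterceptor described in the reply above, wired into Guice. This is an added example, not code from the JCatapult Security library; `RequiresRole`, `User`, `CURRENT`, `SecurityFilter`, `RoleInterceptor`, `SecurityModule` and the `"user"` session attribute are hypothetical names chosen here.

```java
import com.google.inject.AbstractModule;
import com.google.inject.matcher.Matchers;
import org.aopalliance.intercept.*;
import javax.servlet.*;
import javax.servlet.http.*;
import java.io.IOException;
import java.lang.annotation.*;
import java.util.Set;

public class SecurityExample {
  // Hypothetical annotation: the roles allowed to invoke the annotated method.
  @Retention(RetentionPolicy.RUNTIME) @Target(ElementType.METHOD)
  public @interface RequiresRole { String[] value(); }

  // Hypothetical user type; assumed to be put in the session at login.
  public static class User {
    final Set<String> roles;
    public User(Set<String> roles) { this.roles = roles; }
  }

  static final ThreadLocal<User> CURRENT = new ThreadLocal<>();

  // Per request: copy the session's User into the ThreadLocal, then always clear it.
  public static class SecurityFilter implements Filter {
    public void init(FilterConfig config) {}
    public void destroy() {}
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
        throws IOException, ServletException {
      HttpSession session = ((HttpServletRequest) req).getSession(false);
      CURRENT.set(session == null ? null : (User) session.getAttribute("user"));
      try { chain.doFilter(req, res); }
      finally { CURRENT.remove(); } // pooled threads must not carry a user into the next request
    }
  }

  // Fails closed: no user, or no matching role, means the method is never invoked.
  public static class RoleInterceptor implements MethodInterceptor {
    public Object invoke(MethodInvocation inv) throws Throwable {
      User user = CURRENT.get();
      for (String role : inv.getMethod().getAnnotation(RequiresRole.class).value())
        if (user != null && user.roles.contains(role)) return inv.proceed();
      throw new SecurityException("access denied: " + inv.getMethod().getName());
    }
  }

  public static class SecurityModule extends AbstractModule {
    @Override protected void configure() {
      bindInterceptor(Matchers.any(), Matchers.annotatedWith(RequiresRole.class),
          new RoleInterceptor());
    }
  }
}
```

Guice only intercepts non-private, non-final methods on instances it constructs itself, so an annotated method on an object created with `new` runs without the role check.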