Well somewhere along the line you need to map the user to a permission (e.g. Peter is allowed to view the credit card details of all users). So we group the permission information somehow (e.g. credit-card-viewers are allowed to list the users of the system), this is the JAAS role. Then we think about users 'business roles' (e.g. Sales & Accounts, both of whom are allowed to view credit card details). Finally we assign users to business roles (e.g. Peter is the sales director so is a member of Sales and of Management Team).
So, each user can be a member of a number of business roles. Each business role has an associated set of permissions (a permission can be assigned to multiple business roles), and permissions map directly to JAAS roles. The rest is SQL :) But I'm not sure I understand your requirement. Have you got an ER diagram that describes the relationship between Users, Groups and Roles? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3966815#3966815 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3966815 _______________________________________________ jboss-user mailing list [email protected] https://lists.jboss.org/mailman/listinfo/jboss-user
