"[EMAIL PROTECTED]" wrote : You can place a element within a element inside
pages.xml, like this:
|
| <page view-id="/orderDetail.xhtml">
| | <restrict>#{s:hasRole('admin')}</restrict>
| | </page>
What is the recommended alternative implementation strategy to hard-coding the
role(s) like above in pages.xml? for example, storing the role information in
a RDBMS table so that we can update role data real-time and users are granted
roles when they begin a new session.
Is it even necessary to do this? the argument bein that roles for page level
access do not change frequently enough to need real-time updates?
Also, is it sufficient in most cases to use s:hasRole for component level
restriction on JSF's instead of using s:hasPermission?
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4123159#4123159
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4123159
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user
