There's an outstanding JIRA issue to add this kind of functionality to Seam security, however you can easily implement it in your own application. Roughly, the steps are:
1) Create a Permission class with a name and action property. For this example let's call it GrantedPermission. 2) In your authentication method, assert a GrantedPermission instance into the working memory (using RuleBasedIdentity.getSecurityContext().assertObject()) for each of the permissions granted via the user's role memberships. 3) Write a rule that matches permission checks against the granted permissions in the working memory, i.e. something like this: | rule GrantDynamicPermission | no-loop | activation-group "permissions" | salience -10 | when | check: PermissionCheck(granted == false) | GrantedPermission(n : name -> (n.equals(check.name)), a : action -> (a.equals(check.action))) | then | check.grant(); | end; | You'll have to double-check the syntax of the rule, however it demonstrates in principle what you need to do. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4040048#4040048 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4040048 _______________________________________________ jboss-user mailing list [email protected] https://lists.jboss.org/mailman/listinfo/jboss-user
