"perwik" wrote :
| I don't understand. How is what you are describing different to
@RolesAllowed in EJB3?
|
| @RolesAllowed("ContentAdmin")
| public void doSomething() {}
|
would only let you check if the current user belongs to one of the groups
(roles) that you allow to access that method (in this case ContentAdmin). This
would require that you have all roles defined at compile time. I don't want
that at all. I want
| @RequiredPermission(name="ContentPermission" type="read")
| public void doSomething() {}
|
And then I'm free to create groups, put users into them and assign permissions
to those groups as needed at runtime. This would allso make it possible to do
something like
| <authz:acl domainObject="${content}" hasPermission="read">
| Only show this if the user is authorized to see it.
| </authz:acl>
|
(This was taken from the Acegi Reference Guide)
All of this is very possible to do with JAAS, but it looks like some things are
still missing in JBoss Security.
I'm not saying that we should use Acegi instead of JAAS, I didn't even know
Acegi existed until yesterday when I read this thread.
Well, AFAIK what you are talking about is the difference between logical and
application roles.
"ContentAdmin" is a role known to the application, configured with
| <security-role>
| <description>content admin</description>
| <role-name>ContentAdmin</role-name>
| </security-role>
|
and used like
| <method-permission>
| <role-name>ContentAdmin</role-name>
| <method>
| ...
| </method>
| </method-permission>
|
|
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3940156#3940156
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3940156
-------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
JBoss-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jboss-user
