How would you do dynamical contextual security or ACL checks ?
(or maybe that is considered business logic instead of security ;)
e.g. how would I ask: hasPermissionTo('drug',$patient.ssn, $department)
this is a variation of ACL security
http://acegisecurity.org/docbook/acegi.html#acls
The trick here is that there is not a constant range of values for the patient
and department since they are driven by the business.
I never found a good way of doing that with ejb security; so if that is
possible in ejb3 now then I would like to hear about it.
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3940894#3940894
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3940894
-------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
JBoss-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jboss-user
