anonymous wrote: e.g. how would I ask:
hasPermissionTo('drug', $patient.ssn, $department)
Max... I'm not sure what exactly you are trying to do here... are you saying
that given the patient.ssn and department, you want to know if they have access
to a certain instance of the drug class?
If so, then you probably don't want ACL... ACLs are for matching a "User" with
certain Objects... not data from other Objects. So with ACLs, you could say
that the Drug Object with IDs 2, 8 & 456 are allowed access for User "blah".
I believe what you are looking for is an After Invocation interceptor.
Basically, you create a security class that takes in your object (Drug?,
Interface provided by Acegi) from maybe where you load your object like a
getDrug(Long id) and then you can run any sort of test you want against the
Drug Object to see if it passes authorization. You tell Acegi to run the
security code on the Object returned by your getter, so you're setting it up
against a particular method. I can post a bit of code that I wrote to do this
if this is what you were thinking about and you want to see how Acegi handles
it.
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3941383#3941383
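
The after-invocation pattern described in the post above, as an added example that is not part of the original post and is not Acegi's own code. It is a dependency-free sketch: the Caller class, the AfterInvocationCheck interface, the same-department rule and the sample data are all assumptions made for illustration.

```java
import java.util.HashMap;
import java.util.Map;

public class AfterInvocationSketch {
    // Hypothetical domain object; the post only names "Drug" and getDrug(Long id).
    static final class Drug {
        final Long id; final String name; final String department;
        Drug(Long id, String name, String department) {
            this.id = id; this.name = name; this.department = department;
        }
    }

    // Hypothetical stand-in for the authenticated principal.
    static final class Caller {
        final String name; final String department;
        Caller(String name, String department) { this.name = name; this.department = department; }
    }

    // The check sees the object the method returned, not just the caller's roles.
    interface AfterInvocationCheck<T> { T decide(Caller caller, T returned); }

    // Assumed rule: a Drug may only be returned to a caller in the same department.
    static final AfterInvocationCheck<Drug> SAME_DEPARTMENT = (caller, drug) -> {
        if (drug == null) return null; // nothing was loaded, nothing to protect
        if (!drug.department.equals(caller.department)) {
            throw new SecurityException(caller.name + " may not read drug " + drug.id);
        }
        return drug;
    };

    static final Map<Long, Drug> STORE = new HashMap<>(); // constructed sample data

    // Unsecured loader; in a real application this is the DAO call.
    static Drug loadDrug(Long id) { return STORE.get(id); }

    // Secured getter: load first, then run the check on the returned object.
    static Drug getDrug(Caller caller, Long id) {
        return SAME_DEPARTMENT.decide(caller, loadDrug(id));
    }

    public static void main(String[] args) {
        STORE.put(2L, new Drug(2L, "drug-a", "cardiology"));
        STORE.put(8L, new Drug(8L, "drug-b", "oncology"));
        Caller caller = new Caller("blah", "cardiology");
        System.out.println("allowed: " + getDrug(caller, 2L).name);
        try {
            getDrug(caller, 8L);
        } catch (SecurityException e) {
            System.out.println("denied: " + e.getMessage());
        }
    }
}
```

Because the check runs after the method body, anything the method did before returning has already happened, so this pattern fits read-only getters rather than methods with side effects.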