|
Hello,
just a
quick answer, maybe there must be thought more about it:
* what
about creating a role for each method of a bean (or each attribute), these roles
can be used in the deploymentdescriptor,
* let
the user create a higher role FINANCE (not named in the
deploymentdescriptor) and assign several lowlevel roles to
it,
* in
the Custom Server LoginModule take the higher role and search for the assigned
lowlevel roles and put all roles into the rolelist used to validate the
roles.
I hope
my answer is not to confused and give some help ...
Annegret
Hello to all of you Jboss users (especially the
ones that can help me)
I am starting to use Jbosssx for my
security. up until now I have had no problem testing it.
My problem though is that I am working on a
fairly large system and am confronted with the fact that the end users want to
add users AND Roles AND which fields in the database (CMP beans) these roles
can access/update at run time. There is no way I can tell up
front which roles may access which methods on which bean.
eg. They would like to create a new role
'FINANCE' and then assign users to that role as well as indicate the fields
that that particular role may access. I have a Custom login module which
athenticates against a table which holds a description of all cmp beans and
the attributes in them and the roles are then linked to these attributes.
Since in the ejb-xml file I have to say at deploy
time which roles can access which methods I have a problem because at deploy
time I dont know this.
Is there anybody who can point me in the right
direction to solve this problem. Or has dealt with the same issue
I would appreciate the help
Thanx in advance
Ivanhoe Abrahams
|
