I have to implement mandate-type access to EJB beans
it means, that:
1. Any user have
a) username;
b) password;
c) mandate access level (simply, "mandate") for example it can be a integer
number in range [0; 4].
2. Any user can login with its username, password and current_mandate that can
be (it must be checked) <= his mandate.
3. Any mehod of EJB bean will be divide to 2 types:
a) "read" methods;
b) "write" methods.
4. Each EJB bean will have mandate level (mandate);
5. When user U calls method M in bean B we must
chack, that
if (M is "read" method) then
U.mandate <= B.mandate
if (M is "write" method) then
U.mandate >= B.mandate
6. JMS must be changed to embed mandate level into message envelope.
7. Our DB already have such system:
Any table already have special field "mandate_level".
Any user can indicate any current_mandate <= his mandate
so this user can read rows with mandate <= current_mandate
but can write rows indicating mandate = his mandate (not current).
So Entity beans must write rows with mandate_level field =
current_mandate!
The question is:
What is the best way to do this?
Have I rewrite JaasSecurityMgr class or it will be enough to write some
plug-in or somethig else?
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3888479#3888479
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3888479
-------------------------------------------------------
SF.Net email is Sponsored by the Better Software Conference & EXPO
September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices
Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA
Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
_______________________________________________
JBoss-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jboss-user
