Hi Kalle,

this is an interesting idea and there's no default support for what
Trails has. However, this doesn't mean that it wouldn't be easy to add
something similar. To be able to give you an educated response, would
you mind explaining to me what happens when a user is accessing data that
he doesn't have access to? Does the functionality or the entity simply
disappear? If that's the case, it wouldn't be hard to add this to the CRUD
features of RIFE. We could add metadata to the ConstrainedBean class
that would basically allow you to specify the same information, and
that would then be used by the CRUD functionalities when the view is
built or the operations are executed.

What do you think?

Best regards,

Geert

On 20 May 2008, at 20:03, Kalle Korhonen wrote:

> Talked to Geert a bit in IRC, but basically my question was about
> the domain model-based security in RIFE. My experience has been that
> typically offered role-based security is not flexible enough, but
> "owner-instance" (my concept) solves about 90% of the remaining
> cases. Basically, I want to be able to secure access to a user's own
> profile or automatically get only the things the user owns (or is
> "associated with") from all things available, so I see no point in
> trying to secure access to some specific URLs as the permissions
> depend on the instance rather than the type. I've implemented and used
> the concept very successfully with Trails
> (http://trailsframework.org/Security+module) - basically only
> requiring me to add a single annotation on my domain entity to
> establish a permission that allows only the current user to access
> the entity. Unfortunately for me, Tapestry (or any other standard
> framework) doesn't have built-in support for conversations (which
> I've also written about in
> http://docs.codehaus.org/display/TRAILS/2008/01/24/Full+Steam+ahead+with+Trails+2.0%21),
> which of course is the bread and butter in RIFE. So, I wonder if
> RIFE supports domain-model based security and how it is done in
> practice (e.g. can you add these rules to the metadata)? I didn't
> find much about it in the documentation; I'd appreciate a
> link if I missed it.
>
> Kalle

--
Geert Bevin
Terracotta - http://www.terracotta.org
Uwyn "Use what you need" - http://uwyn.com
RIFE Java application framework - http://rifers.org
Music and words - http://gbevin.com
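
The owner-instance check discussed in this thread, sketched as an added example that is not RIFE or Trails code: the `@Owner` annotation and the `mayAccess`, `visible` and `load` helpers are hypothetical names, and the sample data is constructed. It applies one ownership test both when a list view is built and when an operation targets a single instance.

```java
import java.lang.annotation.*;
import java.lang.reflect.Field;
import java.util.*;
import java.util.stream.Collectors;

public class OwnerInstanceDemo {
    // Hypothetical metadata: marks the field that holds the owning user's name.
    @Retention(RetentionPolicy.RUNTIME) @Target(ElementType.FIELD)
    @interface Owner {}

    static class Profile {
        final int id;
        @Owner final String username;
        Profile(int id, String username) { this.id = id; this.username = username; }
    }

    // Types without an @Owner field are unrestricted; otherwise the owner must match.
    static boolean mayAccess(Object entity, String currentUser) {
        for (Field f : entity.getClass().getDeclaredFields()) {
            if (!f.isAnnotationPresent(Owner.class)) continue;
            try {
                f.setAccessible(true);
                return currentUser != null && currentUser.equals(f.get(entity));
            } catch (IllegalAccessException e) {
                return false; // fail closed if the owner cannot be read
            }
        }
        return true;
    }

    // Building a view: instances owned by someone else simply disappear.
    static <T> List<T> visible(Collection<T> all, String currentUser) {
        return all.stream().filter(e -> mayAccess(e, currentUser)).collect(Collectors.toList());
    }

    // Executing an operation: the same check, so a guessed id cannot bypass the filtered list.
    static <T> T load(Map<Integer, T> store, int id, String currentUser) {
        T e = store.get(id);
        if (e == null || !mayAccess(e, currentUser))
            throw new NoSuchElementException("not found: " + id); // same answer as a missing id
        return e;
    }

    public static void main(String[] args) {
        Map<Integer, Profile> store = new LinkedHashMap<>(); // constructed sample data
        store.put(1, new Profile(1, "kalle"));
        store.put(2, new Profile(2, "geert"));
        System.out.println(visible(store.values(), "kalle").size());
        System.out.println(load(store, 1, "kalle").username);
        try { load(store, 2, "kalle"); }
        catch (NoSuchElementException e) { System.out.println(e.getMessage()); }
    }
}
```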

