Can't this be done such using Method SecurityMethodInvocation
security in Acegi? Not sure how you know it is a CEO employee declaratively
though. I guess this is what you are asking.
like:
sample.Employee.getSalary=ROLE_MANAGER
sample.Employee.getAddress=ROLE_ALL
Sorry, I know the example
Actually, that is exactly what I was stating. He needs to know whether an
employee is a CEO or a regular employee since both use the same Employee object.
What I was eluding to is that currently, even if you added a property in the
Employee object to determine if it is a CEO or not, I was
All,
I am trying to integrate Spring /Acegi into a critical application. Our
company has common web authentication mechnism that we need to use for
authentication. It basically set the REMOTE_USER variable in the http request. I
can use request.getRemoteUser or request.getUserPrincipal() to