[ http://mc4j.org/jira/browse/STS-432?page=comments#action_10870 ] Nic Holbrook commented on STS-432: ----------------------------------
The only question that I see is that if a user has a set of roles and a new role is assigned to the user after they have been denied, it seems they would continue to be denied due to the fact that the response was cached initially. I guess the opposite could hold true as well. If a user had a role and was initially approved for access but then that role was taken away, how will the cache know? I do like how you moved the getUnauthorizedResolution to the SecurityManager class, though. This seems a little more intuitive. > NoCacheInterceptor and SecurityInterceptor > ------------------------------------------ > > Key: STS-432 > URL: http://mc4j.org/jira/browse/STS-432 > Project: Stripes > Issue Type: New Feature > Components: ActionBean Dispatching > Affects Versions: Release 1.5 > Reporter: Gregg Bolinger > Assigned To: Tim Fennell > Attachments: commons.tar.gz > > > This is the NoCacheInterceptor and SecureInterceptor implementations. I'll > attach the files in a comment -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://mc4j.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Stripes-development mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/stripes-development
