Hi, I'm not sure I understand what you mean by "read" and "write" permissions on a jsp? Acegi can do the follow:
1) Declarative role based access to URL's (and hence JSPs). 2) Declarative role based interceptors for methods on Spring managed beans. So using 1 you could restrict access to "write" pages (assuming you use separate JSPs for read and write), and/or you could use 2 to restrict access to the save* methods on your manager beans to certain roles (thereby preventing unauthorized roles from updating your entity pojos). If, however, you need to selectively enable/disable save buttons based on the user's role, then you will need to embed the Acegi authz tags in your JSP. More information can be found in the Acegi documentation: http://www.acegisecurity.org/reference.html Mike On 1/15/07, ErwinF <[EMAIL PROTECTED]> wrote:
Hello, I am trying to find out if it is possible to give a role specific read and/or write rights using a matrix in Acegi. For example, lets say i have 2 roles : user and superuser, and i have 2 jsps, a.jsp and b.jsp. The matrix could look like this : Role Page Read Write user a.jsp X user b.jsp X X superuser a.jsp X X superuser b.jsp X X Is this possible to implement using Acegi without manipulating my jsps or my code? Perhaps through security.xml? Or could anyone point me to some resources i could study? Thanks in advance -- View this message in context: http://www.nabble.com/Add-custom-read-write-rights-using-Acegi-tf3014557s2369.html#a8371348 Sent from the AppFuse - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
