The first option seems like the easiest solution to me. Matt
On 10/22/07, George.Francis <[EMAIL PROTECTED]> wrote: > > I noticed that the methodSecurityInterceptor bean in security.xml has : > <value> > org.appfuse.service.UserManager.getUsers=ROLE_ADMIN > org.appfuse.service.UserManager.removeUser=ROLE_ADMIN > </value> > Which would seem to apply role-based security at the webservice method > level. > If I wanted to apply security to different methods based on the User, could > I do this by either: > a) creating new Roles (one for each method in the webservice eg: > ROLE_ALLOW_GETUSERS) > or: > b) changing this annotation in security.xml to somehow reference individual > Users? > > thanks > > -- > View this message in context: > http://www.nabble.com/Method-level-web-service-security-for-Users-tf4673765s2369.html#a13352858 > Sent from the AppFuse - User mailing list archive at Nabble.com. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- http://raibledesigns.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
