OK, gotcha. (To my shame) I didn't recognize RBAC as an acronym, and was offline so couldn't google it.
Anyway, glad that something of what I said was helpful, even if I did go and grab entirely the wrong end of the stick! Cheers Dan On 12 August 2013 23:29, David Tildesley <[email protected]> wrote: > > Dan Haywood wrote: > > > > Even though you say you don't want to think of this in terms of security, > > it does feel like a security concern to me... at least insofar that > > "addRole(user, securityRole)" implies access to specific functionality? > > Hi Dan, > > I think you have misunderstood - the security roles have nothing to do > with the application that manages them. They are roles for other > applications and IT resources. The business domain for the application in > this case is "Role Based Access Control Management". > > The rest of your post however is interesting from an entirely different > subject and we have a need to do something like this for "Maintain my > details" function. > > Thanks, > David.
