Hello, On Wed, 2006-06-28 at 18:06 +0200, Gilles DEMARTY wrote: > Hi martin, > > > i want to have/create an authorization aware (menu/button) component. > Every Tomahawk components are user-role aware > http://wiki.apache.org/myfaces/User-role_Awareness
Thanx for this hint! Until now i thought we could not use the principal/role concept because we have a more fine grained security concept based on roles that have a specific "userType" and associate several permissions (roleA -> userTypeFoo, [permission1, permission2]; roleB -> ...). But if i we tie our permissions to the principal's roles, this should do the trick, so it simply depends on the point of view. Otherwise, if we would like to enable anything dependent on the user's role (in our terms of role, e.g. roleA) or userType, this would not be possible, or we would have to create pseudo permissions for the role and the userType. I'll think about it some minutes :) Thanx for pushing my mind, cheers, Martin > > hope this answers your request >
signature.asc
Description: This is a digitally signed message part
