Yes, Acegi will be the right solution with Spring. I've used it in an JSF-Spring application and it's very powerful, not so hard to integrate btw.
On the other hand, for securing ui components you may take a look at myfaces securitycontext features. http://wiki.apache.org/myfaces/SecurityContext Cagatay On 7/11/07, Adam Winer <[EMAIL PROTECTED]> wrote:
If you're already in the Spring game, Acegi seems a reasonable incremental solution. -- Adam On 7/10/07, Shane Petroff <[EMAIL PROTECTED]> wrote: > > Frank Nimphius wrote: > > Usually authorization is enforced on the business service layer and > surfaces in the UI. If e.g. a user has a permission, JAAS or container > managed, to update an attribute then this could/should be exposed in the UI > through expression language, referencing a method on the model that performs > the check permission call. > > What are the current best practices regarding security and JSF? Am I better > off integrating with something like Acegi (since I already use Spring)? > Googling the 2 suggests that Acegi integration can be painful, but now that > was then... A JAAS based approach seems like it gives one lots of > flexibility, but requires more work on the developers part. What are other > people using to provide method level authorization checks? > > Shane > > > Beside of this, security needs to be on page navigation, which is something > you need to implement in the JSF engine (MyFaces or JSF RI). Have a look at > > http://www.orablogs.com/fnimphius/archives/001790.html > http://www.orablogs.com/fnimphius/archives/001836.html > > where I created a sample for container managed and JAAS authorization. > > However, from this little development experience I can say that security in > JSF is nothing you implement within an afternoon but requires a well thought > through security framework that integrates not only with the UI but also the > model fro a consistent security enforcement. The easiest way to get started > with such an effort is to look at the security design patterns that exist > and work your way back to JSF- > > Frank > > > > > > Hi all, > > > > > > > > Can anyone please point me in the right direction as regards methods > > to execute authorisation & authentication to a Trinidad webapp. > > Something along the lines of Java Authentication and Authorization > > Service (JAAS). > > > > We want to implement an authorisation 'front door' as an underlining > layer. > > > > > > > > Has Trinidad its own implementation? I can't seem to find any > > information in this regards. > > > > Any info' would be appreciated! > > > > > > > > Best regards, > > > > Darren. > > > > > > > > P Please consider the environment before printing this email > > _________________________________________________________ > > > > 1. The information contained in this E-mail, including any files > > transmitted with it, is confidential and may be legally privileged. > > This E-mail is intended only for the personal attention of the stated > > addressee(s). Any access to this E-mail, including any files > > transmitted with it, by any other person is unauthorised. If you are > > not an addressee, you must not disclose, copy, circulate or in any > > other way use or rely on the information contained in this E-mail or > > any files transmitted with it. Such unauthorised use may be unlawful. > > If you have received this E-mail in error, please inform the sender > > immediately and delete it and all copies from your system. You may not > > forward this E-mail without the permission of the sender. > > > > 2. The views expressed in this E-mail are those of the author, and do > > not necessarily represent the views of AMT-SYBEX. Internet > > communications are not secure and AMT-SYBEX cannot, therefore, accept > > legal responsibility for the contents of this message nor for any > > damage caused by viruses. > > > > AMT-SYBEX Limited is a UK company, registration number GB03036807 at > > address The Spirella Building, Bridge Road, Letchworth, SG6 4ET. > > AMT-SYBEX (NI) Limited is a UK company, registration number NI024104 > > at address Edgewater Office Park, Edgewater Rd, Belfast, BT3 9JQ. > > For more information on the AMT-SYBEX Group visit http://www.amt-sybex.com > > _________________________________________________________ > > > > > > -- > Frank Nimphius > > > > -- > Shane >
