I think this a Spring-Security issue, not a Tapestry one. I never did that but i think u may want to look at AccessDecisionVoter interface and implement one that checks its value agains the database.
This may help u: http://blog.springsource.com/2009/01/02/spring-security-customization-part-2-adjusting-secured-session-in-real-time/ On Sat, Jan 16, 2010 at 6:22 AM, Thiago H. de Paula Figueiredo <thiag...@gmail.com> wrote: > On Sat, 16 Jan 2010 00:10:42 -0200, jc1001 <jc1000...@yahoo.co.uk> wrote: > >> >> Is it possible to use dynamic roles in the @Secured("ROLE_XYZ") page >> annotation in such a way that a service could be employed to retrieve a >> list of roles and populate the annotation before the request is >> intercepted/interrogate by the Spring $ecurity integration? > > AFAIK, no. > >> Something equivalent to an expansion to call a method in onBeforeRender >> method etc? It appears that annotation values are fixed at compile time, or >> am I >> <hopefully> missing something obvious? > > They are fixed at compile time. > >> Background is to allow certain pages >> to have their $ecurity requirements amended through the UI without a >> restart. > > Inside Tapestry and its live class reloading mechanism, it's possible to get > changes in annotations whithout a restart, but I don't know if > Tapestry-Spring Security does that. > > -- > Thiago H. de Paula Figueiredo > Independent Java, Apache Tapestry 5 and Hibernate consultant, developer, and > instructor > Owner, software architect and developer, Ars Machina Tecnologia da > Informação Ltda. > http://www.arsmachina.com.br > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org > For additional commands, e-mail: users-h...@tapestry.apache.org > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
