Also custom actions will help. For example "all" and "forum" to indicate if a user has permissions on all forums or just on those forums he is a registered user / administrator etc. Combined with my previous mail you can optimize your security check a bit. We actually use both of these techniques in our own application to determine for what departments a user has certain rights.
Maurice On 9/19/07, Maurice Marrink <[EMAIL PROTECTED]> wrote: > Swarm will work just fine for what you want. > You should create a new ISecurityCheck that will wrap another build in > check (probably a ComponentSecurityCheck) and if the wrapped check > says it is ok, then your check needs to validate if the user is > actually administrator / owner whatever you want. You could do this in > a single custom check but i like the code reuse you get from wrapping > :). > > I haven't read the book, maybe i should ... :) > > Maurice > > On 9/19/07, ChuckDeal <[EMAIL PROTECTED]> wrote: > > > > > > Robert ... wrote: > > > > > > I'm making a forum project to learn about Wicket, Hibernate & Spring. > > > It has been interesting, but now I am kinda stuck for a while on > > > authentication/authorization. > > > > > > The difficulty I am having is that the "roles" a user can have is > > > based on the forum he is on. Each forum is owned by a different user. > > > So a user can be a "forum administator" on forum A, but be a > > > "registered user" on forum B. All examples I see seem to determine > > > the roles context-free. > > > > > > > See this thread for a description of how I do context (or data) sensitive > > roles. > > http://www.nabble.com/Best-Practices-for-accessing-repainting-sibling-cousin-components--tf3841514.html#a10895313 > > -- > > View this message in context: > > http://www.nabble.com/Context-sensitive-roles-tf4479548.html#a12775716 > > Sent from the Wicket - User mailing list archive at Nabble.com. > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
