I've opened a JIRA about it: https://issues.apache.org/jira/browse/WINK-100
On Wed, Jul 15, 2009 at 10:03 AM, Jain, Shashank Mohan <[email protected] > wrote: > The user role mapping can come from any user store like an LDAP or a DB. > I totally endorse the view of making this extensible to fine grain > authorizations at the data level rather then API level. > > -----Original Message----- > From: Michael Elman [mailto:[email protected]] > Sent: Wednesday, July 15, 2009 12:05 PM > To: [email protected] > Subject: Re: Using @RolesAllowed for Role Based Access Control > > My initial thought was to use isUserInRole interface regardless how the > user/role relationship was defined. > Actually the call for isUserInRole must have the ability for an extension, > so the users could override it with the specific behavior (most applications > that I know, provide their own authorization mechanism, so we should be able > to integrate) > > Btw, I think that web.xml contains the roles definitions, while user/role > relationships are defined in container. > > > On Tue, Jul 14, 2009 at 5:58 PM, Nicholas L Gallardo <[email protected] > >wrote: > > > Does the web.xml have stanzas for defining user/role relationships? Or > > would this have to come from some other config? > > > > > > > > Nicholas Gallardo > > WebSphere - REST & WebServices Development [email protected] > > Phone: 512-286-6258 > > Building: 903 / 5G-016 > > [image: Inactive hide details for Michael Elman > > <[email protected]>]Michael Elman <[email protected]> > > > > > > > > *Michael Elman <[email protected]>* > > > > 07/14/2009 09:55 AM > > Please respond to > > [email protected] > > > > > > To > > > > [email protected] > > cc > > > > > > Subject > > > > Re: Using @RolesAllowed for Role Based Access Control > > > > We have plans to support the security annotations from JSR 250. But we > > didn't discuss it yet. > > > > On Tue, Jul 14, 2009 at 4:58 PM, Jain, Shashank > > Mohan<[email protected]> wrote: > > > Do we have support Role Based Access Control for different Restful > > endpoints. > > > Regards > > > Shashank > > > > >
