[errai-dev] interceptors
Eric Wittmann
eric.wittmann at redhat.com
Thu May 2 07:17:40 EDT 2013
First, I just want to point out that, while I agree that the real
security constraints *must* live server-side, there are also client-side
security concerns. You guys have already mentioned (and agreed on)
things like showing information about the current user. I wanted to add
for the record (is there a record?? :)) that it would also be extremely
helpful in Errai to be able to bring the roles/permissions across to the
client so that UI elements (menu items, buttons, entire pages) can be
included/excluded easily based on the user's permissions. That's not
security, but it would be great if it were a standard part of the framework.
More importantly, Thomas - is there any chance you have either some
documentation or can point at the actual code to show examples of the
role/permission management you are using?
On 05/02/2013 03:55 AM, Thomas Frühbeck wrote:
> - authentication by SeamSecurity (brings PicketLink, JAAS, powerful
> role/permission managent) - perhaps later exchange with DeltaSpike? No
> problem!
More information about the errai-dev
mailing list