[jboss-user] [JBoss Seam] - Re: Security

[SmokingAPipe]

"sbryzak2" wrote : There will be integration with JSF/JAAS security, but I can't promise that it will be in the first release.  Do you have a specific requirement/reason for having to use JAAS?

I don't.  I checked into JAAS and it seemed way more complicated than what I need.

For me, the use case I need is simple:

Log in users based on a simple call-back object, which will itself check passwords in the DB or using the EntityManager.

Restrict access to web pages based on the user type

Render or don't render certain components of web pages based on user type.  For example, in a web forum, for a moderator show a "lock thread" button, but for ordinary users, don't show it.

That's all I need!  I can do that quite easily with Seam and a Filter now, but it would be great if it were integrated.

Oh, and a bit of extra niceness I would like, but don't need: be able to annotate methods on various classes to say that only certain user roles can access them.  So there might be methods on objects that an Administrator can access, but a Customer can't even use the method, so if I mess up, the object itself has a layer of protection.  That would be nice.


View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3992474#3992474

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3992474