[jboss-user] [JBoss Seam] - Re: Security - Define dynamic Role in application
shane.bryzak@jboss.com
do-not-reply at jboss.com
Mon Apr 23 19:09:00 EDT 2007
There's an outstanding JIRA issue to add this kind of functionality to Seam security, however you can easily implement it in your own application. Roughly, the steps are:
1) Create a Permission class with a name and action property. For this example let's call it GrantedPermission.
2) In your authentication method, assert a GrantedPermission instance into the working memory (using RuleBasedIdentity.getSecurityContext().assertObject()) for each of the permissions granted via the user's role memberships.
3) Write a rule that matches permission checks against the granted permissions in the working memory, i.e. something like this:
| rule GrantDynamicPermission
| no-loop
| activation-group "permissions"
| salience -10
| when
| check: PermissionCheck(granted == false)
| GrantedPermission(n : name -> (n.equals(check.name)), a : action -> (a.equals(check.action)))
| then
| check.grant();
| end;
|
You'll have to double-check the syntax of the rule, however it demonstrates in principle what you need to do.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4040048#4040048
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4040048
More information about the jboss-user
mailing list