[jboss-user] [JBoss AOP] - Re: Problem with prepackaged security aspect on a POJO using
kabir.khan@jboss.com
do-not-reply at jboss.com
Thu Feb 1 19:17:47 EST 2007
At a glance this looks correct...
Try checking out jboss from cvs and building that, and then the testsuite. Have a look at aoptest.sar...
Actually revisiting this I see that we do
| <prepare expr="all(org.jboss.test.aop.bean.SecuredPOJO)"/>
|
| <metadata tag="security" class="org.jboss.test.aop.bean.SecuredPOJO">
| ....
|
i.e. we "prepare" AND apply metadata to the class we want to secure. I can't remember off the top of my head if this "prepare" is a requirement or not, but try:
| <?xml version="1.0" encoding="UTF-8"?>
| <!DOCTYPE aop PUBLIC
| "-//JBoss//DTD JBOSS AOP 1.0//EN"
| "http://www.jboss.org/aop/dtd/jboss-aop_1_0.dtd">
|
| <aop>
| <prepare expr="all(security.TransferFunds)"/>
| <metadata tag="security" class="security.TransferFunds">
| <security-domain>java:/jaas/other</security-domain>
| <run-as>admin</run-as>
| <method-permission>
| <role-name>rolB</role-name>
| <method>
| <method-name>withdrawAll</method-name>
| </method>
| </method-permission>
| <method-permission>
| <role-name>rolA</role-name>
| <method>
| <method-name>deposit</method-name>
| </method>
| </method-permission>
| </metadata>
| </aop>
|
HTH
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4009761#4009761
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4009761
More information about the jboss-user
mailing list