[errai-dev] fine grained security

Hi, We (Jonathan and I) had a chat today with Shane Bryzak how we could implement fine grained security. To give a little context Jonathan felt a need for something like that when integrating errai-security into the TODO list demo. He wants users to be able to share their lists with others. Another use for this would be in navigation, when a user can be shown a page only, if the request parameters combination is allowed for the specific user. PicketLink supports fine grained security when one implements a Service Provider Interface public interface PermissionResolver { public enum PermissionStatus { ALLOW, DENY, NOT_APPLICABLE } PermissionStatus hasPermission(Object resource, String operation); PermissionStatus hasPermission(Class<?> resourceClass, Serializable identifier, String operation); } Now the only thing we need to figure out is, a way to fit this into an api so that it's not PicketLink specific. And even better have it declarative, but it seems to be to fine grained to do that. I've create some issues already to track work on these things. Any thoughts, Erik Jan