|
I am checking the Hibernate reference documentation in http://docs.jboss.org/hibernate/orm/4.3/manual/en-US/html_single/.
The section 14.3 shows the JaccEventListenerIntegrator example as follows:
"14.3. Hibernate declarative security
Usually, declarative security in Hibernate applications is managed in a session facade layer. Hibernate allows certain actions to be permissioned via JACC, and authorized via JAAS. This is an optional functionality that is built on top of the event architecture.
First, you must configure the appropriate event listeners, to enable the use of JACC authorization. Again, seeHibernate Developer Guide for the details. Below is an example of an appropriateorg.hibernate.integrator.spi.Integrator implementation for this purpose.
import org.hibernate.event.service.spi.DuplicationStrategy; import org.hibernate.event.service.spi.EventListenerRegistry; import org.hibernate.integrator.spi.Integrator; import org.hibernate.secure.internal.JACCPreDeleteEventListener; import org.hibernate.secure.internal.JACCPreInsertEventListener; import org.hibernate.secure.internal.JACCPreLoadEventListener; import org.hibernate.secure.internal.JACCPreUpdateEventListener; import org.hibernate.secure.internal.JACCSecurityListener;"
I found some classes used in the example are outdated. “JACC” in the class names should be changed to “Jacc,” and the package “org.hibernate.secure.internal” should be changed to “org.hibernate.secure.”
I suggest replacing the classes as follows:
1) update JACCPreDeleteEventListener to org.hibernate.secure.JaccPreDeleteEventListener
2) update JACCPreInsertEventListener to org.hibernate.secure.JaccPreInsertEventListener
3) update JACCPreLoadEventListener to org.hibernate.secure.JaccPreLoadEventListener
4) update JACCPreUpdateEventListener to org.hibernate.secure.JaccPreUpdateEventListener
5) update JACCSecurityListener to org.hibernate.secure.JaccSecurityListener
Would some contributors confirm my suggestion, and update the example?
Thanks in advance,
Seonah
|
