Hi,
I'm trying to implement some data filtering based on ACL (Access Control List).
The requirment is to provide an option to configure security per entity by giving permissions for user group to have access to specific entity.
I have a table that holds entity class (fully qualified class name), entity id and group name to give permissions for.
For now I've made a jdbc service that querying the database to get list of permitted entity ids, and then I'm adding an IN clause to the criteria on the resulting list.
I'd want to implement this with Hibernate.
The @Any annotation seems to fit for this, but I'd want to make this in some generic way, without a need to write more code, or more xml every time when I need to add new entity under security constraint (It has to be fully generic because the user need to have the ability to configure it).
Contrary to my expectations the @MetaValue annotation that is part of @AnyMetaDef annotation is mandatory.
I hoped that behavior will be in Convension Convention Over Configuration style, and that it will be enough to put fully quilified qualified class name in DB and hibernate will understand just by that what entity to do binding to.. I'd appreciate a lot if you would give us me some advise in how this can be implemented with hibernate, and if I am in the right direction. Are they any other better approaches to solved it?
Thank you! |
|