[jboss-user] [JBoss Seam] - Security: access control at entity level?

Wednesday, 2 May 2007

After reading chapter 20 of the Seam book, it seems to me that Seam has built in security
support for access control at the method level of session beans. I wonder if the @Restrict
annotation can be put on entities to control access to certain entities.

Here is my situation: I have some business entities with various relationships between
each other (one-to-one, one-to-many, etc) and through foreign keys or mapping tables, they
are organized into a tree structure. I'd like to have the admin role to access all the
tree entities, while other roles can only access a certain part of the tree. The
accessible part of the tree should be defined dynamically, i.e., an admin user logs into a
web UI and selects which part of the tree is accessible for each of the other roles. 

Any suggestions/ideas on how this could be implemented with Seam? Thanks.

View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4042566#...

Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[jboss-user] [JBoss Seam] - Security: access control at entity level?