After reading chapter 20 of the Seam book, it seems to me that Seam has built in security
support for access control at the method level of session beans. I wonder if the @Restrict
annotation can be put on entities to control access to certain entities.
Here is my situation: I have some business entities with various relationships between
each other (one-to-one, one-to-many, etc) and through foreign keys or mapping tables, they
are organized into a tree structure. I'd like to have the admin role to access all the
tree entities, while other roles can only access a certain part of the tree. The
accessible part of the tree should be defined dynamically, i.e., an admin user logs into a
web UI and selects which part of the tree is accessible for each of the other roles.
Any suggestions/ideas on how this could be implemented with Seam? Thanks.
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4042566#...
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...