Well, somewhere along the line you need to map the user to a permission (e.g. Peter is
allowed to view the credit card details of all users). So we group the permission
information somehow (e.g. credit-card-viewers are allowed to list the users of the
system), this is the JAAS role. Then we think about users' 'business roles' (e.g.
Sales & Accounts, both of whom are allowed to view credit card details). Finally we
assign users to business roles (e.g. Peter is the sales director so is a member of Sales
and of Management Team).
So, each user can be a member of a number of business roles. Each business role has an
associated set of permissions (a permission can be assigned to multiple business roles),
and permissions map directly to JAAS roles. The rest is SQL :)
But I'm not sure I understand your requirement. Have you got an ER diagram that
describes the relationship between Users, Groups and Roles?
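The user, business role and permission mapping described in the post above, as an added example that is not part of the original post. The table and column names, the sample rows and the `report-viewers` role are constructed for illustration, and SQLite stands in for whatever database the application uses.

```python
import sqlite3

# Constructed schema and sample data; every table and column name is an assumption.
SCHEMA = """
CREATE TABLE users (user_id TEXT PRIMARY KEY);
CREATE TABLE business_roles (business_role TEXT PRIMARY KEY);
CREATE TABLE permissions (jaas_role TEXT PRIMARY KEY);  -- one permission maps to one JAAS role
CREATE TABLE user_business_roles (
    user_id TEXT NOT NULL REFERENCES users,
    business_role TEXT NOT NULL REFERENCES business_roles,
    PRIMARY KEY (user_id, business_role));
CREATE TABLE business_role_permissions (
    business_role TEXT NOT NULL REFERENCES business_roles,
    jaas_role TEXT NOT NULL REFERENCES permissions,
    PRIMARY KEY (business_role, jaas_role));
INSERT INTO users VALUES ('peter'), ('mary');
INSERT INTO business_roles VALUES ('Sales'), ('Accounts'), ('Management Team'), ('Support');
INSERT INTO permissions VALUES ('credit-card-viewers'), ('report-viewers');
INSERT INTO user_business_roles VALUES
    ('peter', 'Sales'), ('peter', 'Management Team'), ('mary', 'Support');
INSERT INTO business_role_permissions VALUES
    ('Sales', 'credit-card-viewers'), ('Accounts', 'credit-card-viewers'),
    ('Sales', 'report-viewers'), ('Management Team', 'report-viewers');
"""

# DISTINCT matters: a permission reachable through two business roles must
# still yield a single JAAS role. The constant second column is a role-group
# name, the two-column shape JBoss's DatabaseServerLoginModule rolesQuery
# returns (assumption: that login module is the one in use).
ROLES_QUERY = """
SELECT DISTINCT brp.jaas_role, 'Roles'
FROM user_business_roles ubr
JOIN business_role_permissions brp ON brp.business_role = ubr.business_role
WHERE ubr.user_id = ?
ORDER BY brp.jaas_role
"""

def open_db():
    """Create the in-memory sample database with foreign keys enforced."""
    db = sqlite3.connect(":memory:")
    db.execute("PRAGMA foreign_keys = ON")
    db.executescript(SCHEMA)
    return db

def jaas_roles(db, user_id):
    """Return the JAAS role names for a user; unknown or unassigned users get none."""
    return [row[0] for row in db.execute(ROLES_QUERY, (user_id,))]
```

A user with no business role, or a business role with no permissions attached, resolves to an empty role list, so access is denied by default.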