I just took a look at Seam in the CVS and after going through the seamspace example I
can't say anything else than:
I love you guys! :-)
I've been putting off this project for a long time in lack of a good security
implementation and now you've solved a lot of my problems.
I know you've planned to work on the security release for at least three more weeks
(according to
http://jira.jboss.com/jira/browse/JBSEAM?report=com.atlassian.jira.plugin...)
but I've got something that you might not have thought of:
In security-config.xml you specify roles and assign permissions to them. What I would like
is to specify somewhere which permissions exists and what actions they can have. Something
like:
| <permissionDefinition>
| <name>user</name>
|
| <action>create</action>
| <action>modify</action>
| <action>delete</action>
| </permissionDefinition>
|
| <permissionDefinition>
| <name>account</name>
|
| <action>create</action>
| <action>delete</action>
| </permissionDefinition>
|
and then I could assign them to roles in the security-config OR I could create roles on
the fly from the application and pick permissions from some sort of gui based on the
initial permissions definition. Perhaps this sound totally crazy, or you've already
done it, what do I know :-)
An other thing that I came to think of:
Now the permissions store their name and action as strings. Wouldn't the use of enums
or something else that is typesafe make life easier for us? I'd hate to have a bug
where I misspelled one of the strings somewhere. Or did I miss something?
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3996763#...
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...