From seam-commits at lists.jboss.org Sun Aug 3 21:22:44 2008 Content-Type: multipart/mixed; boundary="===============5084455998412196999==" MIME-Version: 1.0 From: seam-commits at lists.jboss.org To: seam-commits at lists.jboss.org Subject: [seam-commits] Seam SVN: r8562 - trunk/doc/Seam_Reference_Guide/en-US. Date: Sun, 03 Aug 2008 21:22:44 -0400 Message-ID: --===============5084455998412196999== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Author: shane.bryzak(a)jboss.com Date: 2008-08-03 21:22:44 -0400 (Sun, 03 Aug 2008) New Revision: 8562 Modified: trunk/doc/Seam_Reference_Guide/en-US/Security.xml Log: documented typesafe role checks Modified: trunk/doc/Seam_Reference_Guide/en-US/Security.xml =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --- trunk/doc/Seam_Reference_Guide/en-US/Security.xml 2008-08-04 01:12:40 U= TC (rev 8561) +++ trunk/doc/Seam_Reference_Guide/en-US/Security.xml 2008-08-04 01:22:44 U= TC (rev 8562) @@ -2966,7 +2966,7 @@ = - Typesafe Security Annotations + Typesafe Permission Annotations = Seam provides a number of annotations that may be used as an alter= native to @Restrict, which have @@ -3041,7 +3041,34 @@ = = + + = + + Typesafe Role Annotations = = + + In addition to supporting typesafe permission annotation, Seam Sec= urity also provides typesafe role annotations that + allow you to restrict access to component methods based on the rol= e memberships of the currently authenticated user. + Seam provides one such annotation out of the box, org.jbo= ss.seam.annotations.security.Admin, used + to restrict access to a method to users that are a member of the <= literal>admin role (so long as your = + own application supports such a role). To create your own role an= notations, simply meta-annotate them with + org.jboss.seam.annotations.security.RoleCheck, = like in the following example: + + = + + + + Any methods subsequently annotated with the @User annotation as shown in the above example + will be automatically intercepted and the user checked for the mem= bership of the corresponding role name + (which is the lower case version of the annotation name, in this c= ase user). + + = = @@ -4379,8 +4406,9 @@ Permission checks for PermissionManager operations = - Invoking the methods of PermissionManager requi= res that currently authenticated user - has the appropriate authorization to perform the operation. + Invoking the methods of PermissionManager requi= res that the currently-authenticated user + has the appropriate authorization to perform that management opera= tion. The following table lists the required + permissions that the current user must have. = @@ -4665,7 +4693,8 @@ Security Events = - The following table describes a number of events (see ) raised by Seam Security. + The following table describes a number of events (see ) raised by Seam Security + in response to certain security-related events. =
--===============5084455998412196999==--