[jbossseam-issues] [JBoss JIRA] Commented: (JBSEAM-845) Allow configuration of which actions are restricted for entity security
[ http://jira.jboss.com/jira/browse/JBSEAM-845?page=comments#action_12353015 ]
Shane Bryzak commented on JBSEAM-845:
-------------------------------------
But we allow for this in other cases. Take component security for example - we can
annotate only the component methods that we want to secure with @Restrict. Entity
security doesn't provide equivalent flexibility, it's all or nothing.
Allow configuration of which actions are restricted for entity
security
-----------------------------------------------------------------------
Key: JBSEAM-845
URL: http://jira.jboss.com/jira/browse/JBSEAM-845
Project: JBoss Seam
Issue Type: Feature Request
Components: Security
Reporter: Shane Bryzak
Assigned To: Shane Bryzak
Original Estimate: 1 hour
Remaining Estimate: 1 hour
We really need to be able to configure which entity actions are restricted (and which
ones are not) for each restricted entity. I'm currently thinking of something along
the lines of this:
@Restrict
@RestrictedActions({READ,DELETE})
@Name("account")
public class Account { ... }
This is necessary so that it's not required to provide security rules for entity
actions that are not intended to be restricted.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira