Re: [security-dev] Permission and Role

Is it possible To aggregate permissions under roles. This makes it easier To grant roles To A user and thereby A large set OF permissions. -----Original Message----- From: "Shane Bryzak" <sbryzak(a)redhat.com&gt; Sent: ‎2014-‎06-‎05 01:29 To: &quot;security-dev(a)lists.jboss.org&quot; <security-dev(a)lists.jboss.org&gt; Subject: Re: [security-dev] Permission and Role Hi Rahul, They are fundamentally two very different things. A role is typically used to define a set of users for which specific privileges are to be assigned, while a permission is used to control access to application resources or services. A permission check can actually use the user's roles to determine whether the user has the necessary privilege to perform an action. Here's a couple of pseudo-code examples to make this a little clearer: 1. Restricting access to a method based on the user's role: @RolesAllowed("admin") public void doProtectedOperation() { ... } 2. Restricting access to a method to users with permission to cancel a specific "order": public void cancelOrder(@HasPermission("cancel") Order order) { ... } Hope that helps! Shane On 06/05/2014 09:13 AM, Rahul Mahindrakar wrote: Hi I have not been able to have a grasp of the difference between the usage of Role and permissions. Can someone guide me in this direction Thanks Rahul _______________________________________________ security-dev mailing list security-dev(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/security-dev