[jboss-cvs] jboss-seam/doc/reference/en/modules ...

Gavin King gavin.king at jboss.com
Tue Feb 13 09:44:00 EST 2007 

  User: gavin   
  Date: 07/02/13 09:44:00

  Modified:    doc/reference/en/modules  security.xml
  Log:
  use orm.xml
  
  Revision  Changes    Path
  1.33      +44 -26    jboss-seam/doc/reference/en/modules/security.xml
  
  (In the diff below, changes in quantity of whitespace are not shown.)
  
  Index: security.xml
  ===================================================================
  RCS file: /cvsroot/jboss/jboss-seam/doc/reference/en/modules/security.xml,v
  retrieving revision 1.32
  retrieving revision 1.33
  diff -u -b -r1.32 -r1.33
  --- security.xml	13 Feb 2007 14:08:35 -0000	1.32
  +++ security.xml	13 Feb 2007 14:44:00 -0000	1.33
  @@ -575,11 +575,25 @@
         
         <para>      
           Seam security also makes it possible to apply security restrictions to read, insert, update and 
  -        delete actions for entities.  The security check performed for these operations (on entities
  -        for which security is enabled) is the permission check <literal>entityName:action</literal>,
  +        delete actions for entities.
  +      </para>
  +        
  +      <para>
  +        To secure an entity class, add a <literal>@Restrict</literal> annotation:
  +      </para>
  +        
  +      <programlisting><![CDATA[@Entity
  + at Name("customer")
  + at Restrict
  +public class Customer {
  +  ...
  +}]]></programlisting>
  +
  +      <para>
  +        The security checks performed are permission checks like <literal>entityName:action</literal>,
           where <literal>entityName</literal> is the name of the entity (or the class name if no @Name is 
           specified), and the <literal>action</literal> is either <literal>read</literal>, 
  -        <literal>insert</literal>, <literal>update</literal>, or <literal>delete</literal>.  Here's an 
  +        <literal>insert</literal>, <literal>update</literal> or <literal>delete</literal>. Here's an 
           example of an entity permission rule that checks if the authenticated user is allowed to create
           a new blog entry (from the seamspace example):
         </para>
  @@ -597,40 +611,44 @@
   end;]]></programlisting>
         
         <para>
  -        To enable entity security for your entities, refer to the following sections.
  +         Finally, we need to install a listener class that integrates Seam security with
  +         your JPA provider.
         </para>
         
         <sect3>
           <title>Entity security with JPA</title>
  +        
           <para>
             Security checks for EJB3 entity beans are performed with an <literal>EntityListener</literal>.
  -          To secure individual entity beans, add both <literal>@Restrict</literal> and 
  -          <literal>@EntityListeners</literal> annotations like so:
  +          You can install this listener by using the following <literal>META-INF/orm.xml</literal> file:
           </para>
           
  -        <programlisting><![CDATA[import javax.persistence.EntityListeners;          
  -import org.jboss.seam.security.JPASecurityListener;          
  +        <programlisting><![CDATA[<?xml version="1.0" encoding="UTF-8"?>
  +<entity-mappings xmlns="http://java.sun.com/xml/ns/persistence/orm"
  +                 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  +                 xsi:schemaLocation="http://java.sun.com/xml/ns/persistence/orm http://java.sun.com/xml/ns/persistence/orm_1_0.xsd"
  +                 version="1.0">
             
  - at Entity          
  - at Name("customer")          
  - at EntityListeners(JPASecurityListener.class)
  - at Restrict
  -public class Customer {
  -  ...
  -}]]></programlisting>
  +    <persistence-unit-metadata>
  +        <persistence-unit-defaults>
  +            <entity-listeners>
  +                <entity-listener class="org.jboss.seam.security.EntitySecurityListener"/>
  +            </entity-listeners>
  +        </persistence-unit-defaults>
  +    </persistence-unit-metadata>
  +    
  +</entity-mappings>]]></programlisting>
   
         </sect3>
         
         <sect3>
           <title>Entity security with Hibernate</title>
  +        
           <para>
  -          If you are using Hibernate as your application's ORM, securing entity beans is as simple as
  -          adding a <literal>@Restrict</literal> annotation, as long as you use the
  -          <literal>HibernateSessionFactory</literal> provided with Seam.  This component will create
  -          a <literal>SessionFactory</literal> that is configured to use <literal>HibernateSecurityInterceptor</literal>,
  -          a Hibernate interceptor similar to the JPA entity listener described above that checks for permissions
  -          on restricted entities.
  +          If you are using a Hibernate <literal>SessionFactory</literal> configured via Seam, you don't 
  +          need to do anything special to use entity security.
           </para>
  +        
         </sect3>
         
       </sect2>

More information about the jboss-cvs-commits mailing list