[jboss-user] [JBoss Seam] - Re: security pattern
markfoerstein
do-not-reply at jboss.com
Thu Apr 12 22:09:35 EDT 2007
You mean extend Identity from your User class like this?:
...class User extends Identity {
| ...
|
I don't think it is the right approach (although Im not the expert here :-P)
You use Identity whenever you want to restrict access to a class or method and to query if the user is logged in or not. By "user" I don't mean your class "User".
When you authenticate, Seam will flag the Identity with loggedIn = true, and you can restrict access to classes or methods:
| @Restrict("#{identity.loggedIn}")
| public class ...
|
| (OR)
|
| @Restrict("#{identity.loggedIn}")
| public String create() {
| ...
|
Also, when you authenticate (through querying the database) you can @Out your authenticated "User" class so you can @In it wherever you want and get the members (username, nickname, etc). Just see the examples Shane told you...
Hope this could be helpful...
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4036928#4036928
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4036928
More information about the jboss-user
mailing list