[jboss-user] [JBoss Seam] - To Gavin king__suggestion about restriction

ybxiang.wolf do-not-reply at jboss.com
Fri Jun 15 04:46:09 EDT 2007


Gavin King:

I love Seam so much!!!!!
I have 2 years of web experience, and find that the security restrictions offered by Seam (jBPM or Drools) are not enough. Now, I give an example:

100 Users:
u1---->u100.

100 Actions, namely 100 methods:
m01--->m1000

now,
u1 is allowed to access m01-m10
u2 is allowed to access m11-m20
u3 is allowed to access m21-m30
u4 is allowed to access m31-m40
u5 is allowed to access m41-m50
..................
u100 is allowed to access m991-m1000

Then, if I use Drools, I must create 100 roles!!!!

I suggest:
Add a new method named "addPermission" to class org.jboss.seam.security.Identity.

When I log in, I just code like this:

************************************************
@Name("authenticator")
public class AuthenticateAction {
    @Logger Log log;    
    @In Identity identity;
    
    @IfInvalid(outcome="REDISPLAY")
    public boolean authenticate() {
        log.info("authenticating #0", identity.getUsername());
        //...............
        // find the permissions for this user in the DB
        List lst_user1 = ...;
        for (int i = 0; i < lst_user1.size(); i++) {
            // addPermission is the new method proposed above
            identity.addPermission(lst_user1.get(i).toString());
        }
        // ....
    }
}
************************************************

And check permission like this:

In JSF:
<s:link view="/xxxx.xhtml" action="#{xxx}" value="Logout" rendered="#{identity.hasPermission('xxx')}"/>

In Java code:
@Restrict(...hasPermission('xxx')...)
public void xxx(){

}



I think this is a simpler method of access control. I really love Seam and want Seam to have this feature!!!

Please think about it. 

When I touch EJB 2.1, I really hate EJB!
But EJB 3.0 gives me new hope. Hibernate, EJB 3.0 and Seam are really the best in the world.


Please, please think about this suggestion!!!!!!!!!!!!!!!!



(I am Chinese; I really envy that Americans have such a good environment!)

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4054644#4054644

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4054644
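
The per-user permission set proposed in this post, sketched in plain Java as an added example (not code from the post or from Seam). `SessionIdentity`, `grantAtLogin`, `checkPermission` and the sample permission table are hypothetical names; the set is loaded once at login, is immutable afterwards, and denies by default.

```java
import java.util.*;

// Hypothetical stand-in for a session-scoped identity; this is not Seam's Identity class.
final class SessionIdentity {
    private final String username;
    private Set<String> permissions = Collections.emptySet(); // deny by default
    private boolean loaded = false;

    SessionIdentity(String username) { this.username = username; }

    // Called once by the authenticator, after the credential check has succeeded.
    void grantAtLogin(Collection<String> fromDatabase) {
        if (loaded)
            throw new IllegalStateException("permissions already loaded for " + username);
        // Copy into an unmodifiable set so later code cannot add permissions.
        permissions = Collections.unmodifiableSet(new HashSet<>(fromDatabase));
        loaded = true;
    }

    boolean hasPermission(String action) { return permissions.contains(action); }

    // Guard for a restricted method: fail closed when the permission is missing.
    void checkPermission(String action) {
        if (!hasPermission(action))
            throw new SecurityException(username + " may not call " + action);
    }

    void logout() { permissions = Collections.emptySet(); loaded = false; }
}

public class PerUserPermissionDemo {
    // Constructed sample data standing in for the per-user permission table.
    static final Map<String, List<String>> PERMISSION_TABLE = Map.of(
        "u1", List.of("m01", "m02", "m10"),
        "u2", List.of("m11", "m12", "m20"));

    public static void main(String[] args) {
        SessionIdentity u1 = new SessionIdentity("u1");
        System.out.println("before login, m01: " + u1.hasPermission("m01"));
        u1.grantAtLogin(PERMISSION_TABLE.getOrDefault("u1", List.of()));
        System.out.println("after login, m01: " + u1.hasPermission("m01"));
        System.out.println("after login, m11: " + u1.hasPermission("m11"));
        try {
            u1.checkPermission("m11"); // m11 is granted to u2 only
        } catch (SecurityException e) {
            System.out.println("denied: " + e.getMessage());
        }
        u1.logout();
        System.out.println("after logout, m01: " + u1.hasPermission("m01"));
    }
}
```

With this design the permission set is a snapshot taken at login, so a permission revoked in the database stays effective for that session until the user logs in again.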


