[jboss-user] [JBoss Seam] - Security: access control at entity level?

kingcu do-not-reply at jboss.com
Wed May 2 15:02:37 EDT 2007

After reading chapter 20 of the Seam book, it seems to me that Seam has built in security support for access control at the method level of session beans. I wonder if the @Restrict annotation can be put on entities to control access to certain entities.

Here is my situation: I have some business entities with various relationships between each other (one-to-one, one-to-many, etc) and through foreign keys or mapping tables, they are organized into a tree structure. I'd like to have the admin role to access all the tree entities, while other roles can only access a certain part of the tree. The accessible part of the tree should be defined dynamically, i.e., an admin user logs into a web UI and selects which part of the tree is accessible for each of the other roles. 

Any suggestions/ideas on how this could be implemented with Seam? Thanks.

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4042566#4042566

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4042566

More information about the jboss-user mailing list