[jboss-user] [JBoss Seam] - Re: Can we security @Factory?
shane.bryzak@jboss.com
do-not-reply at jboss.com
Mon Nov 26 19:31:35 EST 2007
That particular permission is checked inline, not using @Restrict. However, if you look at BlogAction, you'll see that the createComment() method does use @Restrict and @Factory:
@Factory("comment") @Restrict @Begin(join = true)
| public void createComment()
The corresponding security rule is this one:
rule CreateBlogComment
| no-loop
| activation-group "permissions"
| when
| check: PermissionCheck(name == "blog", action == "createComment", granted == false)
| Role(name == "user")
| then
| check.grant();
| end
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4107906#4107906
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4107906
More information about the jboss-user
mailing list