[jboss-user] [Security & JAAS/JBoss] - Re: Dynamicaly manage role permissions
eyal.zfira
do-not-reply at jboss.com
Mon Feb 16 11:06:22 EST 2009
"dsteinwe" wrote : Do authentication with jaas. For authorisation I suggest EJB3 interceptors. In the interceptor you can check the permissions for a principal (-> context information).
| For lean code you may define own permission annotations for the facades methods. In the interceptor you access these metadata.
| HTH Dieter
So in this way I basically have my own role-to-permission data model which I have to inquire in the interceptors, right?
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4210407#4210407
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4210407
More information about the jboss-user
mailing list