[jbossseam-issues] [JBoss JIRA] Commented: (JBSEAM-845) Allow configuration of which actions are restricted for entity security
Shane Bryzak (JIRA)
jira-events at lists.jboss.org
Tue Feb 13 19:55:30 EST 2007
[ http://jira.jboss.com/jira/browse/JBSEAM-845?page=comments#action_12353015 ]
Shane Bryzak commented on JBSEAM-845:
-------------------------------------
But we allow for this in other cases. Take component security for example - we can annotate only the component methods that we want to secure with @Restrict. Entity security doesn't provide equivalent flexibility, it's all or nothing.
> Allow configuration of which actions are restricted for entity security
> -----------------------------------------------------------------------
>
> Key: JBSEAM-845
> URL: http://jira.jboss.com/jira/browse/JBSEAM-845
> Project: JBoss Seam
> Issue Type: Feature Request
> Components: Security
> Reporter: Shane Bryzak
> Assigned To: Shane Bryzak
> Original Estimate: 1 hour
> Remaining Estimate: 1 hour
>
> We really need to be able to configure which entity actions are restricted (and which ones are not) for each restricted entity. I'm currently thinking of something along the lines of this:
> @Restrict
> @RestrictedActions({READ,DELETE})
> @Name("account")
> public class Account { ... }
> This is necessary so that it's not required to provide security rules for entity actions that are not intended to be restricted.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the seam-issues
mailing list