jw wrote:
wouldn't it be nice to have a BeforeInvocation - security mechanism, for example to set some User-specific filter properties in a hibernate Query object, so only a specific set of domainobjects is fetched by the databaseAny reason you couldn't use the existing AccessDecisionManager approach to mutate the secure object invocation? The AccessDecisionVoter interface would probably do what you need:
AfterInvocation can only filter-out objects after all are fetched by the database, right?
This seems not so efficient
public int vote(Authentication authentication, Object object, ConfigAttributeDefinition config);
Cheers Ben
------------------------------------------------------- This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting Tool for open source databases. Create drag-&-drop reports. Save time by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc. Download a FREE copy at http://www.intelliview.com/go/osdn_nl _______________________________________________ Home: http://acegisecurity.sourceforge.net Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer