March, Andres wrote:
3 more things:
- I sync'd to cvs and don't see your changes. Got the JAAS ones though.
Welcome to SourceForge. AFAIK they have a timed synchronisation from the
developer CVS servers to the anonymous access ones. So give it a few
hours (I received the commit messages to
3 more things:
- I sync'd to cvs and don't see your changes. Got the JAAS ones
though.
Welcome to SourceForge. AFAIK they have a timed synchronisation from
the
developer CVS servers to the anonymous access ones. So give it a few
hours (I received the commit messages to
March, Andres wrote:
Ahh, I see now. This is like a permission type. I debated this idea
here but could not find a use for it. I could not see how it would add
info to what the permission meant. It seems that the recipient,
accessed object, and mask conveyed everything I need to. I was
March, Andres wrote:
I need to implement this anyway, so if you can wait I would be glad to
help out. But I won't need to start this effort for awhile. It might
be better for you do this until I get comfortable with the code. I am
eager to contribute but I have non-instance based security to
You're quick. I'm glad you took this on and not me.
The new schema is more where I was headed. The only things that I will
be implementing differently are the parent-child relationship and
identity. It appears you have made the relationship 1-to-many (parent
has many children) while I will
3 more things:
- I sync'd to cvs and don't see your changes. Got the JAAS ones though.
- What is acl_class for? I don't see it used in your tests.
- I forgot, below is how I have had to model it. I would think it is to
complex for a base implementation but I just wanted you to see what I
must
March, Andres wrote:
I agree with your assessment Ben. Had many of those thoughts myself as
I was pondering our situation. In the end we went with VOTERS DETECT
OBJECT AS PARAMETER AND QUERY ACL OBJECT. Seems like the best choice
for us since we only want to deny or allow access not mutate or
Alex
Sent: Thursday, July 29, 2004 12:52 AM
To: [EMAIL PROTECTED]
Subject: Re: [Acegisecurity-developer] Instance based security
March, Andres wrote:
I agree with your assessment Ben. Had many of those thoughts myself
as
I was pondering our situation. In the end we went with VOTERS
Has any thought been given to adding instance based security support to Acegi?
This seems to be a common requirement. Basically, what I mean by this is
that you can apply security constraints (hopefully in a declarative fashion)
to an object class with rules that are capable of discriminating
Can't this be done such using Method SecurityMethodInvocation
security in Acegi? Not sure how you know it is a CEO employee declaratively
though. I guess this is what you are asking.
like:
sample.Employee.getSalary=ROLE_MANAGER
sample.Employee.getAddress=ROLE_ALL
Sorry, I know the example
This is something I've been pondering
as well.
Stefan: I don't think that's what Andy
means. I believe that the security would be based on some property of the
instance, rather than of the user.
I came from the Notes/Domino world,
where a similar concept was applied with Readers and Authors
Actually, that is exactly what I was stating. He needs to know whether an
employee is a CEO or a regular employee since both use the same Employee object.
What I was eluding to is that currently, even if you added a property in the
Employee object to determine if it is a CEO or not, I was
PROTECTED] On Behalf Of Stefan D Sookraj
Sent: Thursday, July 22, 2004 9:51
AM
To: [EMAIL PROTECTED]
Subject: Re:
[Acegisecurity-developer] Instance based security
Actually, that is
exactly what I was stating. He needs to know whether an employee is a CEO or a
regular employee since both use
Andy Depue wrote:
Has any thought been given to adding instance based security support to Acegi?
This seems to be a common requirement.
There are so many ways of approaching instant-level security, as touched
on by the other replies to this thread. The major issues are where to
get the
PM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: [Acegisecurity-developer] Instance based security
Andy Depue wrote:
Has any thought been given to adding instance based security support
to
Acegi?
This seems to be a common requirement.
There are so many ways of approaching
15 matches
Mail list logo