In our application
we need to use Dynamic Pointcuts (i.e., runTime AOP advice - utilizing method
parameter values) for authorization.
On reading the
acegisecurity documents it seems that acegi only supports static
pointcuts as in the following example from the acegi security system pdf (in the
download):
<bean id="bankManagerSecurity"
class="net.sf.acegisecurity.intercept.method.MethodSecurityInterceptor">
<property
name="validateConfigAttributes"><value>true</value></property>
<property
name="authenticationManager"><ref
bean="authenticationManager"/></property>
<property
name="accessDecisionManager"><ref
bean="accessDecisionManager"/></property>
<property
name="runAsManager"><ref
bean="runAsManager"/></property>
<property
name="objectDefinitionSource">
<value>
net.sf.acegisecurity.context.BankManager.delete*=ROLE_SUPERVISOR,RUN_AS_SERVER
net.sf.acegisecurity.context.BankManager.getBalance=ROLE_TELLER,ROLE_SUPERVISOR,BANKSECURITY_CUSTOMER,RUN_</value>
</property>
</bean>
Am I misreading the
acegi capabilities? Can I implement runTime advice via a custom
objectDefinitionSource?
Thanks for your
feedback.
Bob
Robert Goodfliesh,P h.D.
Pfizer Global Research
& Development Informatics
Senior Scientific
Programmer
Phone: (860) 686-6986
Email: [EMAIL PROTECTED]
Ad Astra Per Aspera
LEGAL NOTICE
Unless expressly stated otherwise, this message is confidential and may be privileged. It is intended for the addressee(s) only. Access to this E-mail by anyone else is unauthorized. If you are not an addressee, any disclosure or copying of the contents of this E-mail or any action taken (or not taken) in reliance on it is unauthorized and may be unlawful. If you are not an addressee, please inform the sender immediately.