App Fuse mailing list wrote:
ok, so the term voter is specific to Acegisecurity etc, and not a wider used term in Spring, IOC, AOP etc. that I have missed?Justin, net.sf.acegisecurity.vote.RoleVoter is an Acegi Security-specific interface. It's actually called by one of the xxxxBased classes in the same package, which tally the votes using different rules (eg AffirmativeBased, UnanimousBased etc). The xxxxBased classes (or another implementation of AccessDecisionManager) is called by a MethodSecurityInterceptor or a FilterSecurityInterceptor (or indeed any subclass of AbstractSecurityInterceptor).
I'll look at the code and see what I understand :-)
Thanks Justin
The RoleVoter is the typical way of implementing custom authorization decisions. Although people are also free to write their own AccessDecisionManager and do something else entirely.
The net.sf.acegisecurity.acl.basic package is typically tied in via a RoleVoter. If you want to perform instance-based security on a method invocation, you'd typically write a custom RoleVoter which consults the AclManager to lookup the instance's access control list. Alternatively, your business method itself or your own ACL interceptor can call the AclManager to lookup the access control list. The ACL package merely returns the effective ACLs. Your application still needs to know what the ACLs mean and how to respond. Typically you'll throw an AccessDeniedException if an unauthorized operation is requested, but people are equally free to null out values in the returned object, roll back a transaction, log the event or some other behavior.
HTH Ben
------------------------------------------------------- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php _______________________________________________ Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer