Benjamin Yu wrote:
I recall that the above (1-7) can be supported with Acegi as it currently is, but can anyone enlighten me on how (and if) Acegi can support them with the User/Group/Roles/Permissions concept?
Hi Benjamin
I think you'd be able to accomplish it by writing a custom GrantedAuthority, such as GroupRoleAuthority which stores a role:String and group:String (or whatever object is most appropriate to use for the group). You'd need your AuthenticationDao to correctly add these GroupRoleAuthoritys to the UserDetails response object.
Then you'd write a custom GroupRoleVoter which specifically handles these GroupRoleAuthoritys and can vote to grant or deny access accordingly. You can avoid GroupRoleVoter if your GroupRoleAuthority.getAuthority() returns a valid String, such as "group\rolename" (in which case the standard RoleVoter will suffice).
HTH Ben
-------------------------------------------------------
This Newsletter Sponsored by: Macrovision For reliable Linux application installations, use the industry's leading
setup authoring tool, InstallShield X. Learn more and evaluate today. http://clk.atdmt.com/MSI/go/ins0030000001msi/direct/01/
_______________________________________________
Acegisecurity-developer mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
