Hi, I am finishing implementation of a coarse-grain access control for phoenix blocks and wonder if you are interesting in it.
What I am doing is pretty much driven by current ejb approach (if I got it right :-) but with some simplifications. Basically, application developer associates methods of service interface (sic) with logical role or roles allowed to call the method. You could specify "unchecked" as well as have settings for "all other methods" and, of course, there is xdoclet support for all this. Application assembler maps logical roles into physical roles of environment using simple xml file and configures security interceptors for blocks (I still hope to see interceptors committed into the cvs :-). I have JAAS interceptor but other could be written easily. I still have some issues to resolve, like how to assign security context with calls originated from phoenix blocks, but otherwise I am almost there. The code lives in application space but could be migrated into phoenix kernel if you would like to adopt it. So, what do you think? -- Igor Fedorenko Think smart. Think automated. Think Dynamics. www.thinkdynamics.com -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
