On Sep 1, 2014, at 10:05 AM, Aristedes Maniatis <a...@maniatis.org> wrote:
> On 1/09/2014 4:17pm, Andrus Adamchik wrote: >> More likely not to servlets, but to JAX-RS resources that work on top of >> servlets. Also while we can have a single endpoint (say LinkRestResource) >> that dynamically serves all entities, in this model it will be trivial to >> add per-entity endpoints , each with its own security characteristics, all >> tied to a single ServerRuntime. > > So the security model would be wrapped around URL paths rather than the types > of entities returned by the queries? Yes. And beyond that. Once you've authorized to access a certain endpoint, LinkRest allows for additional data filters based on your roles. > That's quite nice since it means there are lots of options for security > outside of Cayenne, even down to simple authentication inside Apache httpd > which can be controlled against regex path expressions. Totally. Andrus
