Well, those are good points, but your concerns are with the limitations of the default EL rather than a need for a component.
You can work around these limitations using the hashmap-as-function-parameters trick, or by using a more advanced EL (like the Facelets EL which supports user-defined functions). #{securityBean.isManager or securityBean.isAdmin} could become #{securityBean.ifAnyGranted['manager'] or securityBean.ifAnyGranted['admin']}" or #{ifGranted(securityBean, 'manager') or ifGranted(securityBean, 'admin')}" You could even add an extra property-resolver so that these are resolved by an extension of EL. #{security:granted:manager or security:granted:admin}" I think trying to use a component to solve these problems is too limiting. The place to deal with this is at the EL level.
what if there are other conditions that effect the rendered property of the panel #{securityBean.isManager or securityBean.isAdmin or pageBean.isLoggedIn}
That's going to be true no matter what you do. If you feel like these need to be separated, then separate them out: <h:panelGroup rendered="#{pageBean.isLoggedIn}"> <h:panelGroup rendered="#{securityBean.isManager or securityBean.isAdmin}"> On 8/16/06, Cagatay Civici <[EMAIL PROTECTED]> wrote:
Hi Mike, > <h:panelGroup rendered="#{securityBean.isManager or securityBean.isAdmin }"> > > //components to be secured goes here > </h:panelGroup > > Yes that would do the same job but my point is the user must create the securityBean class to accomplish this. Also securityBean changes when a new role is added. Imagining the possible amount of roles, the maintanence of the bean might cause problems when things get more complex. My other concern is what if there are other conditions that effect the rendered property of the panel. Then that should also be added to the security concern like; #{securityBean.isManager or securityBean.isAdmin or pageBean.isLoggedIn} Anyway, I'm just thinking loud :) Cagatay On 8/16/06, Mike Kienenberger <[EMAIL PROTECTED]> wrote: > What's wrong with using this? > > <h:panelGroup rendered="#{securityBean.isManager or securityBean.isAdmin}"> > //components to be secured goes here > </h:panelGroup > > > Seems a lot more flexible. > > On 8/16/06, Cagatay Civici < [EMAIL PROTECTED]> wrote: > > Hi, > > > > What do you guys think about a security component like this; > > > > <s:secure ifAnyGranted="manager, admin"> > > //components to be secured goes here > > </s:secure> > > > > Also have attributes like ifNotGranted, ifAnyGranted disable and etc. > > > > Do you think this should be useful? > > > > Regards, > > > > Cagatay > > >