I am interested in reviewing this work. I think there may be some overlap on how we decided to apply security in our ofbiz based system. In brief, what we did was put security checks at the service definition and then at presentment artifact load time, we triggered a security application visitor that would walk the model and woudl transform those artifacts with additional security checks before caching it.
The result was that if you have a service that requires PARTYMGR_UPDATE anything that calls that service (directly or indirectly) would be automatically wrapped with the appropriate security check. This caused buttons, links, forms, and the like to be snipped from rendering via the security check. At transformation time it would roll those security checks up causing ensure areas of the application to be snipped. Adrian Crum wrote: > > David E Jones wrote: >> On Dec 30, 2009, at 4:48 PM, Adrian Crum wrote: >> >>> The security-aware artifacts implementation is nearly complete. The >>> branch is out of date and I can't get it synchronized with the trunk >>> because there are too many conflicts. I would like to create a new >>> branch and port the security-aware artifacts implementation over to >>> that. >>> >>> Any objections? >> >> Nope, sounds good. Just be sure to give us all some good time to test and >> review it once it is complete in that branch and before adding it to the >> trunk. > > Of course! Not only do I welcome review and testing, I really NEED it. I > don't have a lot of time to work on it. My hope is, once it is basically > working, others may take an interest in it and get involved. > > -Adrian > > > -- View this message in context: http://n4.nabble.com/Discussion-Security-Aware-Artifacts-tp991181p991495.html Sent from the OFBiz - Dev mailing list archive at Nabble.com.
