I just took a look at Seam in the CVS and after going through the seamspace example I can't say anything else than:
I love you guys! :-) I've been putting off this project for a long time in lack of a good security implementation and now you've solved a lot of my problems. I know you've planned to work on the security release for at least three more weeks (according to http://jira.jboss.com/jira/browse/JBSEAM?report=com.atlassian.jira.plugin.system.project:roadmap-panel) but I've got something that you might not have thought of: In security-config.xml you specify roles and assign permissions to them. What I would like is to specify somewhere which permissions exists and what actions they can have. Something like: | <permissionDefinition> | <name>user</name> | | <action>create</action> | <action>modify</action> | <action>delete</action> | </permissionDefinition> | | <permissionDefinition> | <name>account</name> | | <action>create</action> | <action>delete</action> | </permissionDefinition> | and then I could assign them to roles in the security-config OR I could create roles on the fly from the application and pick permissions from some sort of gui based on the initial permissions definition. Perhaps this sound totally crazy, or you've already done it, what do I know :-) An other thing that I came to think of: Now the permissions store their name and action as strings. Wouldn't the use of enums or something else that is typesafe make life easier for us? I'd hate to have a bug where I misspelled one of the strings somewhere. Or did I miss something? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3996763#3996763 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3996763 _______________________________________________ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
