RE: [JBoss-user] adding new roles at runtime?

2002-06-06 Thread Sternagel Annegret (SYS/PE) 

Just an idea:
- define a role for each required access right, e.g. tellerRead and
tellerWrite in ejb-jar.xml and configure tellerRead access to the read
methods, tellerWrite access to the write methods
- define profiles referencing the required roles e.g. teller has a reference
to tellerWrite + tellerRead (the profiles do not occur in ejb-jar.xml)
- assign the profiles to the user
- write a ServerLogin module (e.g. using jboss UsernamePasswordLoginModule
as baseclass) which maps the assigned profile to the referenced roles during
login

User -> Profile -> Role1, Role2, ...

Then You can configure the role references to a profile at runtime without
changing anything in ejb-jar.xml

Annegret


-Original Message-
From: Marius Kotsbak [mailto:[EMAIL PROTECTED]]
Sent: Donnerstag, 6. Juni 2002 14:19
To: [EMAIL PROTECTED]
Subject: Re: [JBoss-user] adding new roles at runtime?


You can maybe use a security proxy instead (jboss-feature)

On Thu, 2002-06-06 at 13:39, jfina wrote:
> hi!
> 
> I can't see that there is an easy way to dynamically change the method
roles at run-time. In a database(normally) it's quite easy to
> add a role and assign tables and rigths to that role. But since the method
permission role-name exists in ejb-jar.xml in my bean jar
> file it isn't very easy to change - though not impossible.
> 
> E.g.
> If I have an account bean with the default permission role: teller and a
customer wants to change the roles setup in my account bean
> to a bit more detailed like: tellerRead and tellerWrite.
> 
> Am i totally wrong?
> ideas?
> 
> /Jon
> 
> 
> ___
> 
> Don't miss the 2002 Sprint PCS Application Developer's Conference
> August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm
> 
> ___
> JBoss-user mailing list
> [EMAIL PROTECTED]
> https://lists.sourceforge.net/lists/listinfo/jboss-user



___

Don't miss the 2002 Sprint PCS Application Developer's Conference
August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm

___
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user

___

Don't miss the 2002 Sprint PCS Application Developer's Conference
August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm

___
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user

Re: [JBoss-user] adding new roles at runtime?

2002-06-06 Thread Marius Kotsbak 

You can maybe use a security proxy instead (jboss-feature)

On Thu, 2002-06-06 at 13:39, jfina wrote:
> hi!
> 
> I can't see that there is an easy way to dynamically change the method roles at 
>run-time. In a database(normally) it's quite easy to
> add a role and assign tables and rigths to that role. But since the method 
>permission role-name exists in ejb-jar.xml in my bean jar
> file it isn't very easy to change - though not impossible.
> 
> E.g.
> If I have an account bean with the default permission role: teller and a customer 
>wants to change the roles setup in my account bean
> to a bit more detailed like: tellerRead and tellerWrite.
> 
> Am i totally wrong?
> ideas?
> 
> /Jon
> 
> 
> ___
> 
> Don't miss the 2002 Sprint PCS Application Developer's Conference
> August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm
> 
> ___
> JBoss-user mailing list
> [EMAIL PROTECTED]
> https://lists.sourceforge.net/lists/listinfo/jboss-user



___

Don't miss the 2002 Sprint PCS Application Developer's Conference
August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm

___
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user

[JBoss-user] adding new roles at runtime?

2002-06-06 Thread jfina 

hi!

I can't see that there is an easy way to dynamically change the method roles at 
run-time. In a database(normally) it's quite easy to
add a role and assign tables and rigths to that role. But since the method permission 
role-name exists in ejb-jar.xml in my bean jar
file it isn't very easy to change - though not impossible.

E.g.
If I have an account bean with the default permission role: teller and a customer 
wants to change the roles setup in my account bean
to a bit more detailed like: tellerRead and tellerWrite.

Am i totally wrong?
ideas?

/Jon


___

Don't miss the 2002 Sprint PCS Application Developer's Conference
August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm

___
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user