[Acegisecurity-developer] response.sendRedirect and lack of response.encodeRedirectURL

2004-05-26 Thread Colin Sampaleanu
Ben, I think we need to change the existing code which does something like:
response.sendRedirect(x)
to
response.sendRedirect(response.encodeRedirectURL())
The existing code is not going to work properly for people who have turned off cookies, or environments (like some Mobile phones) whi

RE: [Acegisecurity-developer] Standards-based Access Control (XACML, RBAC)

2004-05-26 Thread Ben Alex
> have you considered providing XACML and RBAC support in Acegi?

I did look at similar standards during the design phase of Acegi. Not all of them, but certainly quite a few. I ended up going with a solution that would fit our internal needs but be reasonably extensible/pluggable. I'd certainly w

RE: [Acegisecurity-developer] response.sendRedirect and lack of response.encodeRedirectURL

2004-05-26 Thread Ben Alex
Hi Colin

> I think we need to change the existing code which does something like:
> response.sendRedirect(x)
> to
> response.sendRedirect(response.encodeRedirectURL())

I just committed changes that do this. I left out the CAS entry point, as it redirects to a different context or web s

Re: [Acegisecurity-developer] Standards-based Access Control (XACML, RBAC)

2004-05-26 Thread Luke Taylor
Does anyone actually use XACML in practice? It seemed pretty complicated when I looked at it and I couldn't see any benefits for our project. For example, the equivalent of "if (action = 'read' )" expressed in XACML was http://www.w3.org/2001/XMLSchema#string)http://www.w3.org/2001/XMLSch

RE: [Acegisecurity-developer] Standards-based Access Control (XACML, RBAC)

2004-05-26 Thread Ben Alex
> Does anyone actually use XACML in practice? It seemed pretty
> complicated when I looked at it and I couldn't see any
> benefits for our project.

Exactly why I gave it a miss. :-) It's a bit like comparing CAS and Project Liberty. The former is an elegant, simple solution you can get your he