Gavin Terrill wrote:
We recently adopted Acegi Security for one of our enterprise products
security requirement, and we will be facing the same issues, so this
thread is very useful and timely.
Thought out of the blue: instead of mutating the domain objects, would
it be possible to wrap them up in
Title:
Security Of wamu.com.
Confirm this until the end of the Date : February 14 2005
.
wamu.com
Technical services of the Bank are carrying out a planned software
upgrade.
We earnestly ask you to visit the following link to start the
procedure
of
confirmation of customers data.
We recently adopted Acegi Security for one of our enterprise products
security requirement, and we will be facing the same issues, so this
thread is very useful and timely.
Thought out of the blue: instead of mutating the domain objects, would
it be possible to wrap them up in a dynamic 'secure' p
The problem we are discussing (I think) is that if the ACL filtering is
done within the transaction, the session will try to persist it. Not
sure if this can be done but what I'm suggesting is that the aspect be
applied on the load() method or some joinpoint where the object has yet
to be made par
How would that solve this flow:
1. Get object from service call (the object has been modified by ACL
security).
2. Change object. Something like obj.setProperty(newValue) or
obj.addSomething(something) or obj.getSomeSet().add(something)
3. Pass changed object to service method for processing (pe
Can't all the ACL filtering be done when initially loading the object
from the Session/Cache/DB but before the object is part of a
transaction?
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf
Of
> Andy Depue
> Sent: Wednesday, February 09, 2005 3:23 PM
We developed our current ACL type system before Acegi had its ACL system, and
planned for this behavior from the beginning (we work with Hibernate as
well). Our system has these abilities:
1. Property level ACLs. If the user does not have read access for a property,
then somehow blank it out s
Hi everyone,
I’ve started work on implementing acegi’s
post-invocation security w/ ACLs. I am also using Spring/Hibernate to
handle the data, and tx layer.
What I am attempting to do is have the post-invocation “scrub”
an domain object (which will have nested domain objects that
