When using an afterInvocationManager it may not always be
necessary or possible to provide before invocation security, so why require an
ADM? I just use one that is allows everyone and abstentions to pass but it
seems like a bit of overhead when all I really care about is filtering the
Kjetil Paulsen wrote:
Thx for the response, I see what you are saying, however, since we
don't have roles in the system today and isUserInRole is based on the
group the user belongs to I'm not sure how to handle this... could it
be a quick fix to add a 'known' role like 'USERS' to all users in
March, Andres wrote:
When using an afterInvocationManager it may not always be necessary or
possible to provide before invocation security, so why require an
ADM? I just use one that is allows everyone and abstentions to pass
but it seems like a bit of overhead when all I really care about
March, Andres wrote:
Thanks to the acegi team, my ACL implementation is relatively simple.
But I have been struggling a little finding the proper extension
points. The basic implementations are great but I have them hard to
extend. In particular, the BasicAclEntryAfterInvocationProvider
