I noticed that the methodSecurityInterceptor bean in security.xml has :
<value>
org.appfuse.service.UserManager.getUsers=ROLE_ADMIN
org.appfuse.service.UserManager.removeUser=ROLE_ADMIN
</value>
Which would seem to apply role-based security at the webservice method
level.
If I wanted to apply security to different methods based on the User, could
I do this by either:
a) creating new Roles (one for each method in the webservice eg:
ROLE_ALLOW_GETUSERS)
or:
b) changing this annotation in security.xml to somehow reference individual
Users?
thanks
--
View this message in context:
http://www.nabble.com/Method-level-web-service-security-for-Users-tf4673765s2369.html#a13352858
Sent from the AppFuse - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
