Aha, Is there any way to reload the security.xml at runtime? The reason I ask is becase without that ability, if I went down the route of mapping ws-operations to Roles in security.xml it would be impossible to apply changes to this mapping without a restart of the web application?
mraible wrote: > > You can enter them in sample-data.xml for testing and default-data.xml > for production. After adding them to the database, you should be able > to add them in security.xml. > > Matt > > On 10/22/07, George.Francis <[EMAIL PROTECTED]> wrote: >> >> That's good - can you give me a bit of direction on how to define new >> Roles? >> >> >> mraible wrote: >> > >> > The first option seems like the easiest solution to me. >> > >> > Matt >> > >> > On 10/22/07, George.Francis <[EMAIL PROTECTED]> wrote: >> >> >> >> I noticed that the methodSecurityInterceptor bean in security.xml has >> : >> >> <value> >> >> org.appfuse.service.UserManager.getUsers=ROLE_ADMIN >> >> org.appfuse.service.UserManager.removeUser=ROLE_ADMIN >> >> </value> >> >> Which would seem to apply role-based security at the webservice method >> >> level. >> >> If I wanted to apply security to different methods based on the User, >> >> could >> >> I do this by either: >> >> a) creating new Roles (one for each method in the webservice eg: >> >> ROLE_ALLOW_GETUSERS) >> >> or: >> >> b) changing this annotation in security.xml to somehow reference >> >> individual >> >> Users? >> >> >> >> thanks >> >> >> >> -- >> >> View this message in context: >> >> >> http://www.nabble.com/Method-level-web-service-security-for-Users-tf4673765s2369.html#a13352858 >> >> Sent from the AppFuse - User mailing list archive at Nabble.com. >> >> >> >> --------------------------------------------------------------------- >> >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> >> >> >> > >> > >> > -- >> > http://raibledesigns.com >> > >> > --------------------------------------------------------------------- >> > To unsubscribe, e-mail: [EMAIL PROTECTED] >> > For additional commands, e-mail: [EMAIL PROTECTED] >> > >> > >> > >> >> -- >> View this message in context: >> http://www.nabble.com/Method-level-web-service-security-for-Users-tf4673765s2369.html#a13356292 >> Sent from the AppFuse - User mailing list archive at Nabble.com. >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> > > > -- > http://raibledesigns.com > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > -- View this message in context: http://www.nabble.com/Method-level-web-service-security-for-Users-tf4673765s2369.html#a13364709 Sent from the AppFuse - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
