You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@struts.apache.org by bu...@apache.org on 2006/03/04 03:08:36 UTC
DO NOT REPLY [Bug 38849] - [Shale] Support for fine grained security on navigation
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=38849>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=38849
------- Additional Comments From niallp@apache.org 2006-03-04 03:08 -------
For reference, the user thread is here:
http://www.nabble.com/Shale-Container-Managed-Security-t1221102.html
+1 to plugability and something that isn't necessarily tied to container
managed security. In our organization we not only protect actions/pages but
data as well. Below are examples of the types of requirements we have - not so
that any solution to this caters for them, just that it doesn't limit/prevent
custom implementations that do being plugged in.
For example we have a structure that comprises: Group, Companies, region, sub
region, portfolio and investment. Access can be controlled at any level
(portfolio and above). So for example a user might be given access
to "Northern Region's data".
We also have other data structures that cut accross the "corporation
structure" - e.g. banks, partners, solicitors and agents that can also be used
to control access (e.g. a user might be given access to Bank "XYZ"'s data).
The same user in the application can have different "data level" access for
different functions - so for example they might be able to see certian pages
for "Northern region", but for other pages be restricted to the "North West
sub region".
As well as the above we also have the ability to "disable" access at various
levels - individual action/pages, users, roles or any of the above "data"
levels (e.g. we can enable/disable "Northern Region").
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@struts.apache.org
For additional commands, e-mail: dev-help@struts.apache.org