You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tapestry.apache.org by Hugo Palma <hu...@gmail.com> on 2006/05/19 15:21:25 UTC
Re: Best pratice - CRUD Security - Tapestry 4.0 - persistence BY EJB3
inline
On 5/19/06, Ing. Stefano Girotti <ic...@hotpop.com> wrote:
>
>
> Thank for Your Reply, it's likely what i have to do... even if i'm
> using EJB3 persistence with JBoss 4... it's implemented by Hibernate
> but i don't know if this particular feature is implemented... for
> example Query By Criteria and Query By Example are not part of the EJB3
> Feature
I never used EJB3, but from a quick search i see that it might be possible
for you to work with the hibernate session directly even when using EJB3.
The InjectedHibernateSession(
http://docs.jboss.org/jbossas/javadoc/4.0.3SP1/ejb3/org/jboss/ejb3/entity/InjectedHibernateSession.html)
might have something to do with it, but more investigation on this is
needed.
And Another Question... seems to me that i can't modify at runtime
> this filter... i can enable or disable... i can't modify the
> semantic.... at least i can add an "always true" parameter for a
> sub-condition....
You can't change the semantics of the filter, but you can change parameter
values at runtime. Like you say, you can use the parameter values to
enable/disable determined parts of a filter.
Thank for the info!!!!
>
> >"Hugo Palma" < hugo.m.palma@gmail.com> ha scritto nel messaggio
> >news:<e8ca20260605190228m25c02fabwbaf5b51c747c1cca@mail.gmail.com >...
> >It looks to me that hibernate filters would do the trick,as this is more
> >like data access security than page or service level security.
> >You can read more about it here
> > http://www.hibernate.org/hib_docs/v3/reference/en/html/filters.html
> >
> >On 5/19/06, Stefano Girotti <ic...@hotpop.com> wrote:
> >>
> >>
> >>"Brian K. Wallace" < brian@transmorphix.com> ha scritto nel messaggio
> >>news:4469F3A9.70709@transmorphix.com...
> >> > -----BEGIN PGP SIGNED MESSAGE-----
> >> > Hash: SHA1
> >> >
> >> > This is where I stick with ACEGI being unobtrusive. Not discounting
> any
> >> > other method of doing it at all, but I found that with ACEGI I add a
> >> > hook into "login/logout" pages and there's no other intrusion into my
>
> >> > Tapestry applications outside the configuration file (aka: no
> >> > "isUserInRole("...")" of any kind.
> >> >
> >> > Again - one size doesn't fit all - especially with security. Take the
>
> >> > "easiest way for you" as long as it foots the bill and you're usually
> >> > alright.
> >>
> >>i'm looking for a Searchable Security:
> >>for example:
> >>for the current user i have to find what special offers can buy....
> >>and again.... the classic Access Control List have read - write - delete
> >>or
> >>admin properties.... i'd like to extend it... for example a special
> offer
> >>is avaible from date to date... or by special code...
> >>
> >>i had a look to ACEGI and seems to me that is not what i'm looking for
> :(
> >
> >
> >
> >
> >---------------------------------------------------------------------
> >To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> >For additional commands, e-mail: users-help@tapestry.apache.org
>
> ----------
>
> Signature Light \\ ~ ~ //
> ( O o )
> ____________________________oOOo_(_)_oOOo_________________________
>
> Main e-mail: icecuber@bigfoot.com
> IRC Nick: IceCubeR
> ICQ UIN: 48898319
> MSN : icecuberh@hotmail.com
>
> Visit My Home Page:
> http://www.geocities.com/SiliconValley/Way/5515
> __________________________________________________________________
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>