You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@myfaces.apache.org by bansi <ma...@yahoo.com> on 2008/06/06 22:22:30 UTC

Object Level Security

We use home grown Authentication system and database tables for
Authorization. Here is the Situation we are in:

Domain Object : Address Block
We have business rule which states check User/Group Privileges on Address
Block before Create, Update, Delete IpAddress.

User/Group Privileges on Address Block are retrieved from database table
using HQL named query. This is done inside a method
"checkAddressBlockPrivileges"

Target:
As we may have more domain objects like Address Block, we want to move away
from writing methods 

Proposal:
We are thinking to delegate the job of checking user/group privileges to
Proxy, using something like Spring AOP.

As we are naive to the world of AOP, any pointers/suggestions on how to
architecture/design will be highly appreciated
PS: We use Spring Transaction Proxy configured in Spring XML file

-- 
View this message in context: http://www.nabble.com/Object-Level-Security-tp17700453p17700453.html
Sent from the MyFaces - Users mailing list archive at Nabble.com.

Re: Object Level Security

Posted by Scott Belnap <sc...@byu.edu>.

Bansi,

Not too sure what your question has to do with JSF but to answer your
question.  

Spring Security has the ability to secure your objects using AOP
Alliance.  You can read more about it at
http://static.springframework.org/spring-security/site/index.html
Check out the Reference Guides.

Hope that helps.

On Fri, 2008-06-06 at 14:22 -0600, bansi wrote:
> We use home grown Authentication system and database tables for
> Authorization. Here is the Situation we are in:
> 
> Domain Object : Address Block
> We have business rule which states check User/Group Privileges on Address
> Block before Create, Update, Delete IpAddress.
> 
> User/Group Privileges on Address Block are retrieved from database table
> using HQL named query. This is done inside a method
> "checkAddressBlockPrivileges"
> 
> Target:
> As we may have more domain objects like Address Block, we want to move away
> from writing methods
> 
> Proposal:
> We are thinking to delegate the job of checking user/group privileges to
> Proxy, using something like Spring AOP.
> 
> As we are naive to the world of AOP, any pointers/suggestions on how to
> architecture/design will be highly appreciated
> PS: We use Spring Transaction Proxy configured in Spring XML file
> 
> --
> View this message in context: http://www.nabble.com/Object-Level-Security-tp17700453p17700453.html
> Sent from the MyFaces - Users mailing list archive at Nabble.com.
>