You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@deltaspike.apache.org by "Lincoln Baxter III (Updated) (JIRA)" <ji...@apache.org> on 2012/03/20 06:16:03 UTC
[jira] [Updated] (DELTASPIKE-126) Include SecurityParameterBinding
support for SecurityBindingType feature
[ https://issues.apache.org/jira/browse/DELTASPIKE-126?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Lincoln Baxter III updated DELTASPIKE-126:
------------------------------------------
Description:
Allows access to the business method invocation arguments in the bound security interceptor method.
{code}
@SecurityBindingType
public @interface ProjectAdmin
{
// empty
}
@SecurityParameterBinding
public @interface ProjectBinding
{
// empty
}
@ProjectAdmin
public void updateName(@ProjectBinding Project p, String name)
{
// save project name
}
@Secures
@ProjectAdmin
public boolean isProjectAdmin(@ProjectBinding Project p, Identity identity)
{
if(identity.hasRole("project" + p.getId() + "_admin")
{
...
}
}
{code}
Note that the @Project annotation is not a CDI bean Qualifier / Stereotype annotation, it is a method parameter security binding annotation that tells Security to use the value of the Project passed to the method call in the security binding check itself.
was:
Allows access to the business method invocation arguments in the bound security interceptor method.
{code}
@SecurityBinding
public @interface ProjectAdmin
{
// empty
}
@SecurityMethodBinding
public @interface ProjectBinding
{
// empty
}
@ProjectAdmin
public void updateName(@ProjectBinding Project p, String name)
{
// save project name
}
@Secures
@ProjectAdmin
public boolean isProjectAdmin(@ProjectBinding Project p, Identity identity)
{
if(identity.hasRole("project" + p.getId() + "_admin")
{
...
}
}
{code}
Note that the @Project annotation is not a CDI bean Qualifier / Stereotype annotation, it is a method parameter security binding annotation that tells Security to use the value of the Project passed to the method call in the security binding check itself.
> Include SecurityParameterBinding support for SecurityBindingType feature
> ------------------------------------------------------------------------
>
> Key: DELTASPIKE-126
> URL: https://issues.apache.org/jira/browse/DELTASPIKE-126
> Project: DeltaSpike
> Issue Type: Improvement
> Components: Security-Module
> Reporter: Lincoln Baxter III
> Assignee: Gerhard Petracek
> Fix For: 0.2-incubating
>
>
> Allows access to the business method invocation arguments in the bound security interceptor method.
> {code}
> @SecurityBindingType
> public @interface ProjectAdmin
> {
> // empty
> }
> @SecurityParameterBinding
> public @interface ProjectBinding
> {
> // empty
> }
> @ProjectAdmin
> public void updateName(@ProjectBinding Project p, String name)
> {
> // save project name
> }
> @Secures
> @ProjectAdmin
> public boolean isProjectAdmin(@ProjectBinding Project p, Identity identity)
> {
> if(identity.hasRole("project" + p.getId() + "_admin")
> {
> ...
> }
> }
> {code}
> Note that the @Project annotation is not a CDI bean Qualifier / Stereotype annotation, it is a method parameter security binding annotation that tells Security to use the value of the Project passed to the method call in the security binding check itself.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira