providing access control without subclassing

[Dan Adams <da...@ifactory.com>]

Okay, in my application there are several different sections of the site
that required different levels of access to them. I also have a number
of convenience page classes that I subclass to implement different types
of pages (like a list page or an add/edit page). I want to provide
access control to the pages but subclassing doesnt really fit here. For
instance my page cannot extend both the AddEditPage and the AdminPage
(for restricting access to all admin pages) classes. I was thinking of
creating an access delegate interface that my base convenience class can
call in order to validate the page but then I would have to add these
access delegates in every page. One option I can see is using some sort
of AoP solution (like spring aop or something) that would add the
delegates to all the pages in the admin section, for instance. Any
ideas/suggestions on a solution to this. I can't think of a pattern to
fit it off the top of my head although I'm sure this is one out there.
Thanks. :)

-- 
Dan Adams
Software Engineer
Interactive Factory


---------------------------------------------------------------------
To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tapestry-user-help@jakarta.apache.org