Web tier: servlets, JSP, Web frameworks: Securing Domain Objects with Acegi

  1. Securing Domain Objects with Acegi (4 messages)

    What should I do when I want to use Acegi for securing my domain objects but when my database schema is already fixed. The schema, however, contains all the data needed for determining whether user has permissions to access the data or not. Acegi's Contacts Sample seems to use a schema specific to Acegi.
  2. Hi I'm reading http://wiki.jboss.org/wiki/Wiki.jsp?page=PortalWithAcegiAuthentication about acegi integration into jBoss portal. is there something similar dedicated to eXo? i'm searching for a guide, a reference ... any kind of documentation!! if does not exists, someone can help me to achieve this task? thanks in advance Massimiliano Cuccia
  3. Drop your current security schema for ACEGI's
  4. Dropping my current schema is not an option because it's partially enforced by an 3rd party component. Anyway, what I'm planning to do is that, instead of using Acegi's access control lists, I will implement my own AccessDecisionVoters and AfterInvocationProviders for securing my business methods and domain objects. Acegi's own implementations seems to be quite simple so this does not require that much effort. Any arguments against this solution?
  5. i think that will work :), i ran into a similar situation and we had the option to drop our tables used for access control,and user/roles. we secured some of our webservice methods using ACEGI and spring, and it worked pretty well! happy coding.