Discussions

Web tier: servlets, JSP, Web frameworks: Securing Domain Objects with Acegi

Bookmark and Share Get thread feed

  1. Securing Domain Objects with Acegi (4 messages)

    What should I do when I want to use Acegi for securing my domain objects but when my database schema is already fixed. The schema, however, contains all the data needed for determining whether user has permissions to access the data or not. Acegi's Contacts Sample seems to use a schema specific to Acegi.
    Reply to this

    Threaded Messages (4)

  2. Acegi and eXo Portal integration[ Go to top ]

    Hi I'm reading http://wiki.jboss.org/wiki/Wiki.jsp?page=PortalWithAcegiAuthentication about acegi integration into jBoss portal. is there something similar dedicated to eXo? i'm searching for a guide, a reference ... any kind of documentation!! if does not exists, someone can help me to achieve this task? thanks in advance Massimiliano Cuccia
    Reply to this Reply to original

  3. Re: Securing Domain Objects with Acegi[ Go to top ]

    Drop your current security schema for ACEGI's
    Reply to this Reply to original

  4. Re: Securing Domain Objects with Acegi[ Go to top ]

    Dropping my current schema is not an option because it's partially enforced by an 3rd party component. Anyway, what I'm planning to do is that, instead of using Acegi's access control lists, I will implement my own AccessDecisionVoters and AfterInvocationProviders for securing my business methods and domain objects. Acegi's own implementations seems to be quite simple so this does not require that much effort. Any arguments against this solution?
    Reply to this Reply to original

  5. Re: Securing Domain Objects with Acegi[ Go to top ]

    i think that will work :), i ran into a similar situation and we had the option to drop our tables used for access control,and user/roles. we secured some of our webservice methods using ACEGI and spring, and it worked pretty well! happy coding.
    Reply to this Reply to original