Orange Mile is pleased to announce the release of Dynamic Rule Security 1.1.
The project provides a dynamic rule based, context aware, with field level ACL security for Spring Security leveraging Jboss Rule Engine.
All you need to do is mark which data access methods need security with an annotation. AOP is then used to intercept the calls, route them through the rule engine, and setup the necessary ACL.
Your rules live outside the system, and can be changed dynamically at runtime. Imagine having the ability to create the most granular and specific security rules for your system.
Trade(traderName == "Jack" && currentUser != "Jack" )
security.setAcl("amount", NONE );
security.setAcl("account", READ | EDIT );
A front end, now, only needs to understand how to render based on the ACL rather then having any knowledge of the underlying security rules. There is also support for an isGranted JSP tag.
For more information, please visit: http://code.googe.com/p/dynamic-rule-security