Announcement Announcement Module
No announcement yet.
Using Acegi Security in a Partitioned Domain Model Page Title Module
Move Remove Collapse
This topic is closed
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Using Acegi Security in a Partitioned Domain Model

    I have been looking for a way to extend Acegi Security to secure domain objects based on data partitioning logic in addition to the request/method security and in lieu of the Acl based approach. Acls are geared toward ultra-fine grained control of access permissions, which is overkill for my application.

    In a previous application, using EJB, I simply created a couple of authorization methods in a base class for all of our session beans and called them at the beginning of each method invocation. We also had partitioning logic in all of the queries we used. I would like to take a more AO approach to it this time, but I am having a hard time getting my head around it as I am relatively new to Spring, Acegi, and Hibernate.

    Any suggestions?

    I was thinking I could "dumb-down" the Acl interfaces, but that does not seem very elegant either. If that turns out to be the way to do it, what interfaces are necessary, at a minimum?


  • #2
    Any chance you could give a few more details on what you are trying to do here?