Carlos,
How would you recommend we implement the
users/groups/roles/permissions material that we have already been
discussing?
Would it be implementing the RBAC model using the
AccessDecisionManager and AccessDecisionVoter dealio in Acegi? I can
see how we might go about doing it in Acegi, it w
I think it is more important now to come up with a good representation of
users, groups, roles,... that can be used across all apps (Continuum,
MRM,...)
Acegi doesn't mess with your code, so the need for another API on top
of it doesn't make much sense to me.
I like the AOP approach better than implementing in
I have been working on a little security API in the Plexus sandbox
that I wanted to describe to the Continuum dev list that would work
for the implementation of the authentication and authorization parts
of Continuum.
I like it since it is pretty easy to use and should extend to support
the zones
There was some discussion on IRC about the security model, so I wrote
up this description for review by everyone.
http://docs.codehaus.org/display/CONTINUUM/Straight+Role+Based+Access+Control
It doesn't have implementation details in it, it is just an attempt at
drawing together the different con
I've added my comments.
I don't think we need domain ACLs - it's an interesting concept but it
also worries me a little to have security as an afterthought - it's
intrinsic to the design of the code in some ways (surely if you only
want to give one person access to a subset of the data you als
http://docs.codehaus.org/display/CONTINUUM/Security
Please take a look and provide feedback on the semantics of what to
secure and to what level.
--
I could give you my word as a Spaniard.
No good. I've known too many Spaniards.
-- The Princess Bride