Nov 8th, 2004, 09:06 AM
Menu Listings and Security
I'm just learning Acegi since I'm used to writing my own security frameworks and code for every project I've worked on. Since my security requirements have been the same on many projects (yet some things have been different too), I wanted to start using an OS offering to help bring consistency to my projects in this area.
Everything in the framework looks pretty good. I haven't really ran much of the code; I'm just reading the docs right now but will dive into some code today. One of my questions is this: what is the standard way people using Acegi generate menus for users based on their roles/groups?
In every application that I have written with Spring, I've used the role/group information from the database or an XML file to generate menu/page structure once they are logged in. I did this by taking an object graph with all the pages and then I would apply the role/group information to reduce the menu/page structure of the application to the ones that were allowed for that user. This reduction would be in seperate code from ensuring that users would be logged in and so on.
My question is what would be the preferred way to do this in Acegi? I don't want to duplicate page names and so on and keep these as seperate pieces of code. It would be cool if the framework could generate something similar. Thanks for response.
Nov 8th, 2004, 10:59 AM
I am doing the exact thing you want to do. Check out the thread here: http://forum.springframework.org/showthread.php?t=11167
Basically, I created a tag which allows me to query the ObjectDefinitionSource based on link. So, I pass in the URL and the tag checks to see if the person logged in has a role that is allowed to see that URL. If the person does have that role, then I show the link.
Hope that helps...
Last edited by robyn; May 14th, 2006 at 11:21 AM.