Nov 11th, 2012, 10:52 PM
LDAP authentication with hasPermission authorization
I have LDAP login working against an Active Directory instance. The hasRole functionality is working. Id like to also get the hasPermission working but I'm not sure how to go about doing it. The permissions are not really against domain objects (as described in Domain Object Security) but more like web feature permissions. For example feature of reports, may have r/o, or create new, delete and modify.
I'd like to avoid duplicating all the users in AD in the SID table. But I also realize that permissions are associated with the principals. Can anyone give me some ideas regarding how to go about thinking about this wrt Spring Security and the permissions architecture?
Last edited by richardl; Nov 11th, 2012 at 11:20 PM.