Role prefix

[croco]

Hi,
I am starting with Acegy Security and I have come accros this:
I took the sample application and tried to modify the names of the roles not to start with ROLE_ . I don't want to use any prefix for my roles, because it looks ugly when sorting, but this is just my opinion. But this did not work by just updating the database, because an IllegalArgmentException is thrown. This is caused because RoleVoter has the default role prefix set to ROLE_.

Code:

 private String rolePrefix = "ROLE_";

I have set the rolePrefix property to an empty string and everything worked after that; but wouldn't it be nice to have an empty string as the default role prefix?

After all, why is there a need for a role prefix thing ? Should the framework provide this functionality which does not bring much advantage?

[Ben Alex]

I have set the rolePrefix property to an empty string and everything worked after that; but wouldn't it be nice to have an empty string as the default role prefix?

After all, why is there a need for a role prefix thing ? Should the framework provide this functionality which does not bring much advantage?

Configuration attributes are used for far more than just RoleVoter. They are frequently by custom AccessDecisionVoters, AfterInvocationManagers, and RunAsManagers. Each potential user of configuration attribute information therefore needs to identify configuration attributes only of interest to it. This can be done with string.beginsWith() type methods - as we do - or by passing different ConfigAttribute concrete classes around. The problem with the latter approach is it complicates people's efforts to write PropertyEditors and AuthenticationDaos, as they need to discriminate based on class and not merely content of SecurityConfig.

Hope this clarifies a little about the rationale.