Jan 3rd, 2007, 04:24 AM
As far as my knowledge, we are specifying resources to be secured in config. files (e.g applicationContext.xml) . Is there any way to sepcify resource to secured at runtime , I mean without editing config file. Please correct me if I am thinking wrong.
Jan 3rd, 2007, 04:27 AM
What do you mean by specifying resources at runtime? You want to change the security settings?
You don't have to specify security in the applicationContext, you can use the @Secured annotation.
Jan 3rd, 2007, 05:18 AM
Thanks for quick reply.
I just gone thro Reference Guide and I got your point. Please may I know if we can sepcify the resources(which can be URL or method call) to be secured somewhere else instead of specifying it in class(in case of method ) or in config file(in case of URL) like in database as we can specify user role mapping in database. I am very new to ACEGI and Spring concepts. Please correct me if I am thinking in wrong direction.
Jan 3rd, 2007, 05:43 AM
In theorie you could, although you would have to provide your own implementation of the needed classes. You could implement a database version of the FilterInvocationDefinitionSource.
I can see a added value for securing/configuring URL's this way, I wonder about configuring method based security this way.
Jan 3rd, 2007, 05:51 AM
Marten beat me to it . I think there was a thread on here a while ago about this. If I remember rightly some code was posted that did exactly that. It was pretty simple though so you could do it yourself. All your doing is populating said class with the security instructions from DB instead of file.
Jan 3rd, 2007, 05:58 AM