Multi-authority

[Pandah]

I am a new user in Acegi.
I success to realize an application with an authentication autorization.

The access in my app depends in a general role (ROLE_ADMIN, ROLE_USER). After this access, users can choice the project which they want work. In function of the project, they have different role (Role_client, role_boss, role_dev..).
User have a general role and specific role for project.

i have some problem to find the way to define these specifics roles.
What's the possibilites?

Thank you.

PS:sorry for my bad english

[karldmoore]

Hmmm so there are general roles and project specific roles? One way of doing it is simply in the naming of the roles e.g. ROLE_ADMIN, ROLE_MY_PROJECT_ADMIN, ROLE_MY_OTHER_PROJECT_ADMIN etc...... You might also want to take a look at the ACL related features of Acegi.

[Pandah]

One way of doing it is simply in the naming of the roles e.g. ROLE_ADMIN, ROLE_MY_PROJECT_ADMIN, ROLE_MY_OTHER_PROJECT_ADMIN .

It's not possible, i think. Because my structure for one project is the same for another. I have the same url the same controller. It's just the content which is changed by the "project parameter". A user can have a ROLE_CLIENT for one project and can have a ROLE_BOSS for another.
I defined the security of the URL:

/project/**=ROLE_CLIENT,ROLE_BOSS
/project/parameter/**=ROLE_BOSS

There is no probleme for one project. But when i have two project a user which have a ROLE_BOSS in the first project and have ROLE_CLIENT in the second project, have an access to /project/parameter/** in the second project.

I study your second proposition.
I'm going to see the ACL related features of Acegi.

[karldmoore]

If the project type parameter is bound somewhere, you can always use this in conjunction with the role checking. I think the ACL based stuff might be better suited however.