Mar 21st, 2007, 07:26 PM
Using Acegi Security in a Partitioned Domain Model
I have been looking for a way to extend Acegi Security to secure domain objects based on data partitioning logic in addition to the request/method security and in lieu of the Acl based approach. Acls are geared toward ultra-fine grained control of access permissions, which is overkill for my application.
In a previous application, using EJB, I simply created a couple of authorization methods in a base class for all of our session beans and called them at the beginning of each method invocation. We also had partitioning logic in all of the queries we used. I would like to take a more AO approach to it this time, but I am having a hard time getting my head around it as I am relatively new to Spring, Acegi, and Hibernate.
I was thinking I could "dumb-down" the Acl interfaces, but that does not seem very elegant either. If that turns out to be the way to do it, what interfaces are necessary, at a minimum?
Mar 24th, 2007, 04:53 AM
Any chance you could give a few more details on what you are trying to do here?