Field level security using Acegi

**toBeBond** · Dec 12th, 2007, 03:35 AM

Hi All,
I am new to Spring and Acegi. I need to implement implement field level security using Acegi, like, field "age" is editable by a person of role A but not-editable by a person of role B.
Please advice !!

--Mayank

**akram** · Dec 12th, 2007, 07:25 AM

Hello,

we performed this using the "domain objects security " functionnality in acegi. This is also called "ACLs".
Unfortunately we found several bugs in the current implementation of acegi (1.0.5), these bugs are planned to be fixed in acegi 2.

We made some fixes in the code, but we did not release them yet.

Hope this helps

**tkelley353** · Jan 14th, 2008, 11:32 AM

Originally Posted by akram

Hello,

we performed this using the "domain objects security " functionnality in acegi. This is also called "ACLs".
Unfortunately we found several bugs in the current implementation of acegi (1.0.5), these bugs are planned to be fixed in acegi 2.

We made some fixes in the code, but we did not release them yet.

Hope this helps

I would be curious if you have more details on how you implemented field-level security. It would seem that you would have to make a few extensions to the ACL classes to do this as the currently implementation only handles object level security.

Thanks,

-Troy

**orangemile** · Sep 23rd, 2008, 08:17 PM

This may be of some use:

code.google.com/p/dynamic-rule-security/

It maybe sufficient for what you're trying to accomplish.

Thread: Field level security using Acegi

Thread Tools

Display

Field level security using Acegi

Field Level Security with Drools

Posting Permissions