Re: security

From: Aristedes Maniatis (ar..sh.com.au)
Date: Wed Jan 31 2007 - 17:30:08 EST

    On 01/02/2007, at 1:23 AM, Carl Mosca wrote:

    > I am wondering about security (user, query, role level). What
    > approaches have been taken by those using ROP for some time?

    We are implementing this in our Swing (Cayenne ROP) application at
    the moment. The best framework we've seen is the acegisecurity
    library. Quite robust and very useful. In our case though it is not
    quite what we need so we are going to roll our own using some ideas
    from that library.

    We've found in our Swing app that we want to tie security to GUI
    widgets and not database entities. In other words, we thought about
    security at a Cayenne level which would have been quite easy once
    https://issues.apache.org/cayenne/browse/CAY-400 gave us user
    definable properties. However we had major issues about how that
    would map to the GUI. We want some users to be able to edit students
    in our system, but not to be able to see certain financial data
    related to that student. They might be able to see other financial
    data relating to courses though. It wasn't possible to express this
    as a simple set of table or field properties at the Cayenne level.

    So the approach we are taking is to relate security to Swing panels
    and tabs, creating add/edit/view type rights which automatically flow
    down to the editable fields within those panels.

    You didn't mention whether your app was Swing or web based...

    Cheers
    Ari Maniatis

    -------------------------->
    ish
    http://www.ish.com.au
    Level 1, 30 Wilson Street Newtown 2042 Australia
    phone +61 2 9550 5001 fax +61 2 9550 4001
    GPG fingerprint CBFB 84B4 738D 4E87 5E5C 5EFA EF6A 7D2E 3E49 102A
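
A sketch of the panel-level approach described in the message above, added here as an illustration and not taken from the poster's application. The `PanelRights` class, the panel names, the sample field values and the policy map are all assumptions: rights are attached to named Swing panels and flow down to the text fields and nested panels inside them, with default deny at the root.

```java
import java.awt.Component;
import java.awt.Container;
import java.util.EnumSet;
import java.util.Map;
import java.util.Set;
import javax.swing.JPanel;
import javax.swing.JTextField;
import javax.swing.text.JTextComponent;

public class PanelRights {
    enum Right { VIEW, EDIT, ADD }

    // A named panel with a policy entry uses it; anything else inherits from its parent.
    static void apply(Container panel, Map<String, Set<Right>> policy, Set<Right> inherited) {
        String name = panel.getName();
        Set<Right> rights = (name != null && policy.containsKey(name)) ? policy.get(name) : inherited;
        panel.setVisible(rights.contains(Right.VIEW));
        for (Component c : panel.getComponents()) {
            if (c instanceof JTextComponent) {
                ((JTextComponent) c).setEditable(rights.contains(Right.EDIT));
            } else if (c instanceof JPanel) {
                apply((JPanel) c, policy, rights);   // rights flow down to nested panels
            }
        }
    }

    static JPanel named(String name, Component... children) {
        JPanel p = new JPanel();
        p.setName(name);
        for (Component c : children) p.add(c);
        return p;
    }

    public static void main(String[] args) {
        // Constructed sample: a student editor with a nested finance tab.
        JTextField studentName = new JTextField("Constructed Student");
        JTextField balance = new JTextField("0.00");
        JPanel finance = named("student.finance", balance);
        JPanel student = named("student", studentName, finance);

        // Constructed policy for one role: may edit students, may not see their finances.
        Map<String, Set<Right>> policy = Map.of(
            "student", EnumSet.of(Right.VIEW, Right.EDIT),
            "student.finance", EnumSet.noneOf(Right.class));

        apply(student, policy, EnumSet.noneOf(Right.class));   // default deny at the root
        System.out.println("name editable:    " + studentName.isEditable());
        System.out.println("finance visible:  " + finance.isVisible());
        System.out.println("balance editable: " + balance.isEditable());
    }
}
```

Hiding a panel only controls presentation: in an ROP setup the client still receives whatever the server sends, so data a role must not see also has to be withheld on the server side.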




