Re: security

From: Carl Mosca (carljmosc..mail.com)
Date: Wed Jan 31 2007 - 20:11:14 EST

  • Next message: Aristedes Maniatis: "Re: security"

    Ari,

    Thanks much. First off the apps are Swing so your example is very helpful.

    I looked at cayenne a while back but I am only recently revisiting it so I
    need to build a proof-of-concept before I can digest all that's been said so
    far.

    Your app makes me wonder how cayenne handles views.

    Carl

    On 1/31/07, Aristedes Maniatis <ar..sh.com.au> wrote:
    >
    >
    > On 01/02/2007, at 1:23 AM, Carl Mosca wrote:
    >
    > > I am wondering about security (user, query, role level). What
    > > approaches
    > > have been taken by those using ROP for a some time?
    >
    > We are implementing this in our Swing (Cayenne ROP) application at
    > the moment. The best framework we've seen is the acegisecurity
    > library. Quite robust and very useful. In our case though it is not
    > quite what we need so we are going to roll our own using some ideas
    > from that library.
    >
    > We've found in our Swing app that we want to tie security to GUI
    > widgets and not database entities. In other words, we thought about
    > security at a Cayenne level which would have been quite easy once
    > https://issues.apache.org/cayenne/browse/CAY-400 gave us user
    > definable properties. However we had major issues about how that
    > would map to the GUI. We want some users to be able to edit students
    > in our system, but not to be able to see certain financial data
    > related to that student. They might be able to see other financial
    > data relating to courses though. It wasn't possible to express this
    > as a simple set of table or field properties at the Cayenne level.
    >
    > So the approach we are taking is to relate security to Swing panels
    > and tabs, creating add/edit/view type rights which automatically flow
    > down to the editable fields within those panels.
    >
    > You didn't mention whether your app was Swing or web based...
    >
    >
    > Cheers
    > Ari Maniatis
    >
    >
    >
    > -------------------------->
    > ish
    > http://www.ish.com.au
    > Level 1, 30 Wilson Street Newtown 2042 Australia
    > phone +61 2 9550 5001 fax +61 2 9550 4001
    > GPG fingerprint CBFB 84B4 738D 4E87 5E5C 5EFA EF6A 7D2E 3E49 102A
    >
    >
    >
    >
    >

    -- 
    Carl J. Mosca
    



    This archive was generated by hypermail 2.0.0 : Wed Jan 31 2007 - 20:11:44 EST