Re: Pattern Approach to User permissions?
- Subject: Re: Pattern Approach to User permissions?
- From: Arturo Pérez <email@hidden>
- Date: Tue, 2 Mar 2004 20:07:39 -0500

On Mar 2, 2004, at 4:45 PM, Kieran Kelleher wrote:

> I am trying to decide how best to incorporate user-based permissions
> for selecting (viewing), inserting (adding), updating (editing) and
> deleting EO's into my object model design.

I'm also wrestling/designing such a system. I've decided to pattern
mine after JAAS but beyond that I'm not certain how to proceed.

In JAAS you have a Subject toMany Principal toMany Permission. In both
your and my model that falls short in that we both want to manage
Resources. A Subject is, essentially, a collection of Principals.
Each Principal can be interpreted as a role of some sort (kind of like
group permissions). In the base JAAS model, a Permission includes a
kind of Resource class and an action that can be performed against it.
There are examples of how to extend JAAS to include resource
instance-based information. See this document over at IBM
http://www.ibm.com/developerworks/java/library/j-jaas/. In any case,
the JAAS arena may give you some ideas on how to proceed.

In my case, I'm not sure that I want the coupling between the
permissions model and my other models that you're thinking about. I
want my security framework to be reusable to other applications as
well. What I would like would be to use something like eogenerator to
create java.security.Guard-wrapped EOs. Does anyone know if it can be
modified to do so? Alternatively, make a subclass of EOGenericRecord
that overrides the validate methods to enforce permissioning. Then I
figure I'll need a permission/security oriented version of
WOComponentContent to wrap around things.

Thoughts?
----
WO in philadelphia - wanna cheesesteak with that?
Please visit webobjects.meetup.com.
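
An added sketch of the Subject to-many Principal to-many Permission chain and the java.security.Guard wrapping discussed in the message above, extended with a per-instance id; it is not code from the thread or from WebObjects. The Role, EntityPermission, POLICY and guardFor names, the Invoice entity and the string standing in for an EO are all assumptions made for the example (Java 16+).

```java
import java.security.*;
import java.util.*;
import javax.security.auth.Subject;

public class GuardedRecordDemo {
    // Hypothetical role principal; a Subject holds a set of these.
    record Role(String name) implements Principal {
        public String getName() { return name; }
    }
    // Hypothetical permission: entity (resource class), instance id ("*" = any), action.
    static final class EntityPermission extends Permission {
        final String id, action;
        EntityPermission(String entity, String id, String action) {
            super(entity); this.id = id; this.action = action;
        }
        @Override public boolean implies(Permission p) {
            return p instanceof EntityPermission o && getName().equals(o.getName())
                && (id.equals("*") || id.equals(o.id)) && action.equals(o.action);
        }
        @Override public String getActions() { return action; }
        @Override public int hashCode() { return Objects.hash(getName(), id, action); }
        @Override public boolean equals(Object x) {
            return x instanceof EntityPermission o && implies(o) && o.implies(this);
        }
    }
    // Constructed policy: role name -> permissions granted to that role.
    static final Map<String, List<Permission>> POLICY = Map.of(
        "clerk", List.of(new EntityPermission("Invoice", "*", "select")),
        "owner-42", List.of(new EntityPermission("Invoice", "42", "update")));
    // Deny by default: allowed only if some principal's grant implies the request.
    static boolean allowed(Subject s, Permission needed) {
        return s.getPrincipals().stream()
            .flatMap(p -> POLICY.getOrDefault(p.getName(), List.of()).stream())
            .anyMatch(granted -> granted.implies(needed));
    }
    // Guard bound to one subject and one requested permission.
    static Guard guardFor(Subject s, Permission needed) {
        return obj -> { if (!allowed(s, needed)) throw new SecurityException("denied: " + needed); };
    }
    public static void main(String[] args) {
        Subject s = new Subject();
        s.getPrincipals().add(new Role("clerk"));
        Object eo = "Invoice#7"; // constructed stand-in for an EO
        for (String action : List.of("select", "update")) {
            Guard g = guardFor(s, new EntityPermission("Invoice", "7", action));
            try { System.out.println(new GuardedObject(eo, g).getObject()); }
            catch (SecurityException e) { System.out.println(e.getMessage()); }
        }
    }
}
```

The guard is evaluated inside GuardedObject.getObject(), so the wrapped object is never handed out for the update request; the policy lookup stays in one place and knows nothing about the application's model classes.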