struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Thomas Joseph" <thomas.jos...@kottsoftware.com>
Subject Re: Changing Role Access to Actions on the Fly
Date Mon, 03 Jul 2006 10:01:52 GMT
Thank you Paul for your comments,

Adding/removing Roles, adding/removing users to roles, then
permitting/forbidding various actions for these roles is what I want as the
main feature of my App.

I have an idea of using filter that would do explicit permissions to roles
on actions, based on configurations of role-action mappings from the
database. How good do you consider this design?

Any other/better design choices??

If other frameworks lack this and if this design goes good enough, I would
like to roll out this one to the Open Source. :)

Thanks for your help and support

Thomas Joseph

----- Original Message -----
From: "Paul Benedict" <paul4christ79@yahoo.com>
To: "Struts Users Mailing List" <user@struts.apache.org>
Sent: Monday, July 03, 2006 2:48 PM
Subject: Re: Changing Role Access to Actions on the Fly


> I can say with mild confidence that the action mapping is "frozen" once
loaded, and changes to it during runtime cannot be made. Since roles are
part of a mapping, it cannot be done.
>
> But don't let the framework stop you! Just because its automated
configuration features are frozen, doesn't mean you can't get around it. If
you are willing to perform explicit role checking inside the action, then
you can achieve what you're trying to do. Yes, you will be giving up the XML
configuration, but, you're doing something very special; I don't even know
if *ANY* framework allows something like this.
>
> In my opinion, you might search for a better solution. Perhaps dynamic
role changing is a symptom of a bad design. For instance, instead of
changing the role mapping, update the roles the user actually has -- that's
usually how security apps work: change the user, not the app :)
>
> Paul
>
> Thomas Joseph <thomas.joseph@kottsoftware.com> wrote: I couldnt see any
replies, thats why I am adding up these comments.
>
> Actually I want the application users to create groups (roles), and then
> assign access rights to various actions for this group. Later group
> membership/access rights should be editable. This should be something like
> how we can do in Operating Systems.
>
> Any help in this regard is highly appriciated.
>
> Also tell if this is not possible
>
> Thanks in advance.
>
> Thomas Joseph
>
> ----- Original Message -----
> From: "Thomas Joseph"
> To: "Struts Users Mailing List"
> Sent: Friday, June 30, 2006 5:37 PM
> Subject: Changing Role Access to Actions on the Fly
> >
> >
> > Hi all great brains,
> >
> > I would like my application to use roles to access any actions. However,
I
> want to make access to these actions
> > change while the application is running. User in a role could access a
> particular action at one time, but not the
> >  other time (when  change has been made). (I understand that role based
> access to the Action Mapping is static.)
> >
> > Is there any way I can do this.?
> >
> > Any pointers,... ideas ??
> >
> > Thanks in advance!!
> >
> > Thomas Joseph
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


Mime
View raw message