If you happen to be using oracle enterprise edition I'd highly recommend using Acegi in conjunction with Oracle Fine Grained Access Control (FGAC) for database access checking. We've got a simple subclass of a datasource that overrides getConnection() and sets the users Oracle context. This keeps the jdbc/hibernate code very clean and ensures that the same security code is enforced even if someone logs in via sql*plus, toad or any other tool. Nice.
-----Original Message----- From: Andreas Bulling [mailto:[EMAIL PROTECTED] Behalf Of Andreas Bulling Sent: 16 May 2006 16:57 To: Tapestry users Subject: Re: Best pratice - CRUD Security - Tapestry 4.0 On 16. Mai 2006 - 10:45:45, Brian K. Wallace wrote: | This is where I stick with ACEGI being unobtrusive. Not discounting any | other method of doing it at all, but I found that with ACEGI I add a | hook into "login/logout" pages and there's no other intrusion into my | Tapestry applications outside the configuration file (aka: no | "isUserInRole("...")" of any kind. But how is further access for example to the database checked? Andreas --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] ********************************************************************** This email and any files transmitted with it are confidential and/or privileged and intended solely for the use of the individual or entity to whom they are addressed. If you are not the intended recipient(s) please note that any review, distribution, dissemination, disclosure, alteration, printing, copying, transmission or use of this email and/or any file transmitted or the information therein is prohibited and may be unlawful. If you have received this email and any file transmitted with it in error please notify us by email at [EMAIL PROTECTED] or by telephone at +353 66 97 61258 and then delete the email and all copies of it from your system and destroy any hard copies of the email. Please note that any views, opinions or advice contained in this communication are those of the sending individual and not necessarily those of FEXCO. Email may be susceptible to data corruption, interception and unauthorised amendment, and we do not accept liability for any such corruption, interception or amendment or the consequences thereof. FEXCO and each legal entity in the FEXCO group of companies or business units of FEXCO reserve the right to monitor all email communications through its networks. This footnote also confirms that this email message has been swept for viruses. www.FEXCO.com ********************************************************************** --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
