@Restrict on POJOs?

ericjava Jan 26, 2008 8:27 PM

Looking at the Seam documentation, it says:

Javabeans may be used just like a stateless or stateful session bean. However, they do not provide the functionality of a session bean (declarative transaction demarcation, declarative security, efficient clustered state replication, EJB 3.0 persistence, timeout methods, etc).

And yet, in the Seam examples, such as wiki/src/main/org/jboss/seam/wiki/core/action/UserHome.java and wiki/src/main/org/jboss/seam/wiki/core/action/NodeHistory.java we see a @Restrict annotation used on a POJO.

What's the deal? Are the docs wrong, or are the examples wrong, or am I misunderstanding this?

This is quite important for me because I need to put @Restrict annotations on basically all the components in my app, to go with a detailed rules file to define who can do what to what.

1. Re: @Restrict on POJOs?

matt.drees Jan 26, 2008 9:53 PM (in response to ericjava)

@Restrict works fine on pojos. Maybe the documentation is talking about EJB-style security (which I know nothing about), not Seam security.
Actions
2. Re: @Restrict on POJOs?

ericjava Jan 26, 2008 10:46 PM (in response to ericjava)

That's what I thought. The documentation needs to be corrected or clarified. "Declarative security" sounds like JBoss Rules-based security, using the @Restrict annotation.

I just wanted to confirm that before I build this system on 90% POJOs, because it's going to use Drools security rules for everything.

(I'm going through the Drools docs right now learning how to build a rules file.)
Actions
3. Re: @Restrict on POJOs?

matt.drees Jan 26, 2008 10:49 PM (in response to ericjava)

Cool. I'm using a pojo system with drools security rules, too. I really like drools-based security; Shane did a great job with it.
Actions

Go to original post