-
1. Re: Seam 2.1 Security with an anonymous user
shane.bryzak Oct 8, 2008 4:25 PM (in response to adlerauge)Why can't you use JpaPermissionStore?
-
2. Re: Seam 2.1 Security with an anonymous user
adlerauge Oct 8, 2008 4:28 PM (in response to adlerauge)I was thinking of something else that there is always a logged in user, that even the anonymous user is a user in the database and when a system user really wants to log in, then I simply do another authentication with the provided credentials. How does that sound? It still somehow feels not quite right...
-
3. Re: Seam 2.1 Security with an anonymous user
adlerauge Oct 8, 2008 4:32 PM (in response to adlerauge)You're correct Shane, I could use the JpaPermissionStore. Sry about that... The PersietentPermissionResolver is checking if a user is logged in. Any statement on which of the ways you would prefer or suggest for a use case like that?
-
4. Re: Seam 2.1 Security with an anonymous user
shane.bryzak Oct 8, 2008 11:21 PM (in response to adlerauge)I would suggest going with your original idea of writing an AnonymousPermissionResolver. It would be almost identical to PersistentPermissionResolver, however the hasPermission() method would look something like this:
public boolean hasPermission(Object target, String action) { if (permissionStore == null) return false; Identity identity = Identity.instance(); if (identity.isLoggedIn()) return false; List<Permission> permissions = permissionStore.listPermissions(target, action); for (Permission permission : permissions) { if (permission.getRecipient() instanceof Role) { Role role = (Role) permission.getRecipient(); if ("guest".equals(role.getName()) return true; } } return false; }
Then you simply need to create a
guest
role and grant the anonymous permissions to it. -
5. Re: Seam 2.1 Security with an anonymous user
adlerauge Oct 9, 2008 9:43 AM (in response to adlerauge)Thank you very much for your input an help Shane! I appreciate it very much! I thought about it again and was coming to the same conclusion...Let's get to work :)