5 Replies Latest reply on Feb 8, 2011 3:26 AM by zgood

    Using Roles without creating entities in the DB

    erich

      I'm moving my security system over from Seam 2.0 to Seam 2.2 style.


      I notice that the User object now needs to have a @UserRoles member.


      That's good, and it makes sense, but the examples suggest that that should be a set of entities, ie, user roles are listed in a table in the DB.


      That would make sense in a situation where user roles change frequently (added, edited, etc).  But that's very unusual in real applications.  Usually in a real application, the possible roles are set during the application design.


      In fact, for most real applications, it would make most sense for roles to be defined as an enum.  I would create an enum like this:


      public enum Role {
          USER, CUSTOMER, ADMIN, GUEST
      }
      



      There's no need to have those as an entity in the DB because they will never change, unless we make design changes to the app.


      Is there a way to support this type of usage with Seam Security?  It seems like it would be simpler, more secure and a better reflection of how apps are designed.


      Thanks