1 Reply Latest reply on Dec 18, 2014 6:32 AM by pcraveiro

    Help in use of PicketLink with CDI, JSF 2 and JPA.

    claudinei
    claudinei Dec 15, 2014 2:03 PM

      I'm trying to use PicketLink and I need to implement a authorization system where permission is individual, so each user can access specific pages and specific functions, eg .:

      User A -> Customer page (Read, Create, Update, Delete), Products page (Read, Create, Update, Delete)

      User B -> Customer page (Read, Create), Products page (Read,Delete)

      User C -> Manufacturers page (Read,Create)

      Admin User -> ALL

      Also I would like to have profiles with pre-determined permissions but the user could have more permissions than these profiles.

      But it is complicated to understand what is  the roles and groups in my case, also I need to control access to pages via database data (MySQL with JPA).

      I already read some quickstarts guide in the PicketLink site, and played with the quickstarts code, but I'm not getting what I have to do. Could give me some advice?

      • 252 Views
      • Tags:
        • 1. Re: Help in use of PicketLink with CDI, JSF 2 and JPA.
          pcraveiro
          pcraveiro Dec 18, 2014 6:32 AM (in response to claudinei)

          Hey Claudinei,

           

              It seems you are talking about PicketLink Permission Management and API. Basically, permissions are a compound of assignee:resource:actions. Where assignee can be a role, group or an user. Resource can be a string representing a page, for instance. And actions can be create, update, delete, etc.

           

              Basically, what you need is configure PL to your project. That requires a very few steps and minimal configuration to your project. Please, look at the quickstarts. You also need to create your identities and assign permissions to them using the PermissionManager bean (which can be injected in any other bean you want). Once everything is done, you can use the permission methods from the Identity bean to check for permissions. The Identity bean is marked with @Named, which means you can access it in your JSF pages, for example.

           

              Did you take a look at this quickstart [1] ?

           

          [1] jboss-picketlink-quickstarts/picketlink-authorization-acl at master · jboss-developer/jboss-picketlink-quickstarts · Git…

           

          Regards.

          Pedro Igor

            • Actions