We are using Seam as our security manager (Authentication and Authorization), but we are having some trouble with Authorization. In Seam reference it's a bit confusing how we can configure permissions through jpa-permission-store.
We took a look at Seam space example, but we still haven't figured out some stuff.
In seam space there is the following call
My first impression was that there would have to be an action
createFriendComment with a target Member in the table AccountPermission. But for my surprise, there are only two lines in this table:
PermissionId Recipient Target Action Discrimintator 1 friends MemberImage:5 view role 2 user MemberImage:6 view role
Another point that is quite confusing are the annotations @Permissions and @Permission. Are they responsible for
declaring possible actions that should go to the database table ?
Does PermissionSearch.getTarget() return all the classes that are marked with the @Permissions annotation ?
Thanks a lot.