5 Replies Latest reply on Feb 8, 2011 3:26 AM by Zufar Muhamadeev

    Using Roles without creating entities in the DB

    Eric H Newbie

      I'm moving my security system over from Seam 2.0 to Seam 2.2 style.

      I notice that the User object now needs to have a @UserRoles member.

      That's good, and it makes sense, but the examples suggest that that should be a set of entities, ie, user roles are listed in a table in the DB.

      That would make sense in a situation where user roles change frequently (added, edited, etc).  But that's very unusual in real applications.  Usually in a real application, the possible roles are set during the application design.

      In fact, for most real applications, it would make most sense for roles to be defined as an enum.  I would create an enum like this:

      public enum Role {

      There's no need to have those as an entity in the DB because they will never change, unless we make design changes to the app.

      Is there a way to support this type of usage with Seam Security?  It seems like it would be simpler, more secure and a better reflection of how apps are designed.