Raible's Wiki


AppFuseSecurityMethods2


This is version 2. It is not the current version, and thus it cannot be edited.


In part one of this tutorial we got basic Method Invocation security working, but some holes remain in the security of our User object at the service level. For example, if someone could get the controller to run UserManager.saveUser() on someone other than themselves, there is nothing at the service level to stop them.

This tutorial adds object-specific security into the mix. Another way to accomplish this would be to use an access control list (ACL), but that solution may be a bit heavy for many apps, so ACLs will be covered in a tutorial but not included in the core of AppFuse. Without getting into ACLs, we can still secure our objects by making sure the authenticated user can only retrieve, edit or delete his own User object.
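
The ownership rule described above, as an added sketch that is not the attached OwnerVoter.java or AppFuse's own code: a framework-free check that compares the authenticated username with the User object passed to a service method, enforced inside the service so a controller cannot bypass it. The `User` record, `Vote` enum, `UserService` class and `vote` method are hypothetical names, and passing the authenticated username as a parameter is an assumption made to keep the example self-contained.

```java
import java.util.HashMap;
import java.util.Map;

// Added illustration (Java 16+); all names here are hypothetical.
public class OwnerCheckExample {
    // Hypothetical stand-in for the application's User object.
    record User(String username, String email) {}

    enum Vote { GRANTED, ABSTAIN, DENIED }

    // Grants only when the authenticated username owns the User being acted on.
    static Vote vote(String authenticatedUsername, Object target) {
        if (!(target instanceof User user)) {
            return Vote.ABSTAIN;   // not a User (or null): this check has no opinion
        }
        if (authenticatedUsername == null || user.username() == null) {
            return Vote.DENIED;    // no caller or no owner to compare: fail closed
        }
        return authenticatedUsername.equals(user.username()) ? Vote.GRANTED : Vote.DENIED;
    }

    // Hypothetical service: the check runs at the service level, below the controller.
    static class UserService {
        private final Map<String, User> store = new HashMap<>();

        void saveUser(String authenticatedUsername, User user) {
            // Anything other than an explicit grant is treated as a refusal.
            if (vote(authenticatedUsername, user) != Vote.GRANTED) {
                throw new SecurityException("caller does not own this User object");
            }
            store.put(user.username(), user);
        }
    }

    public static void main(String[] args) {
        UserService service = new UserService();
        // Constructed sample data: alice saves her own record, then tries bob's.
        service.saveUser("alice", new User("alice", "alice@example.com"));
        try {
            service.saveUser("alice", new User("bob", "changed@example.com"));
        } catch (SecurityException e) {
            System.out.println("denied: " + e.getMessage());
        }
    }
}
```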

Table of Contents

  • [0] Prerequisites
  • [1] Add UserManager.updateUser() method
  • [2] Modify txProxyTemplate configuration
  • [3] Create the OwnerVoter
  • [4] Modify userManagerSecurity configuration
  • [5] Test All

Prerequisites [#0]

Basically you need to have completed part one of this tutorial.

Add UserManager.updateUser() method [#1]

Modify txProxyTemplate configuration [#2]

Create the OwnerVoter [#3]

Modify userManagerSecurity configuration [#4]

Test All [#5]


Attachments:
OwnerVoter.java (12677 bytes)


This particular version was published on 06-Nov-2006 13:52:43 MST by NathanAnderson.