Hi everyone this is a short post a summary copy of the list I made in Peru Spring on an interesting discussion in the wake of a consultation on how to set access permissions ( usually in a configuration file) from a database summary here as a question - answer:
Question 1: can create users and roles in your own database or use a schema that already exists? : Yes, this way:
query = "SELECT U. USERNAME FROM USER U R. ROL, ROL R WHERE U. USERNAME = USERNAMER. AND U.USERNAME =?" />;
only a small observation: spring defines 3 security data to identify someone: username, password and enabled. the query employee serves in an environment where you do not have the concept of enabled, this equates to a user is always entitled to access the system as shown in the query:
users-by-username-query = "SELECT
U. USERNAME PASSWORD U., 'true' enabled FROM users WHERE U
U. USERNAME =? "
Question 2: can make the match between urls and roles in a database and ignore the configuration file: YES
no example here but if a link to read and gives an idea of \u200b\u200bhow: http://static. springsource.org/spring- security / site / faq / faq.html # faq- dynamic-url-metadata
link some important points: a change in security should be always audited, tested and approved if you take that into consideration as I believe that before any change is planned and controlled in security, you have to implement the interface FilterInvocationSecu rityMetadataSource in order to load these relationships from a different source configuration file.
Question 3: You can modify permissions dynamically, meaning that dynamic changes to take effect immediately without restarting the application?: Apparently not
at least reading the link above you can understand why the default behavior is to load the permissions on a memory map to change what is necessary to restart the application.
if they want to see the full discussion can do so from this link:
http://groups.google.com/group/spring-user-group-peru/browse_thread/thread/28094fbbfe1bfbc0?hl=es
0 comments:
Post a Comment