This discussion is archived
1 Reply Latest reply: Dec 20, 2011 7:38 AM by 376398 RSS

Java ee 6 security authorization

873178 Newbie
Currently Being Moderated
Good day,
I'm developing a web application in java ee 6 using JSF and EJB. I authenticate against LDAP server and now I need to implement an authorization. Roles will be created dynamically ("ROLE_ADMIN_SECTION_34567876543"). I haven't found a solution for dynamic control of roles for java ee. Therefore I hope that someone here will help.
I'm interested in something, that works like AccessDecisionManager in Spring Security (Acegi security), but I would like to use J EE without Spring security. The code from Spring looks like this:
private UUID authorizeAdminAccess(UUID adUuid) {
          Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
          UUID adOwnerUUID = adDAO.getAdLessorSiteUUID(adUuid);
          accessDecisionManager.decide(authentication, null,
                    Arrays.asList((ConfigAttribute) new SecurityConfig(SecurityUserService.ROLE_LESSOR_SITE_ADMIN + adOwnerUUID)));
          return adOwnerUUID;
     }

Thank you!
Jane

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points