Menu
▾
▴
[JSecurity-Developer] Re: hasPermission / implies
|
From: jhaile (s. by Nabble.com) <li...@na...> - 2006-01-28 22:40:18
|
No objections here. That makes sense to me. I currently use the annotations exclusively, although I'll be using the taglibs soon. One thing that I have found developers getting confused with is when to use role-based authorization vs. permission-based authorization. We use permission based authorization exclusively, and I can't think of many good examples of where you would want to mix the two. I think role-based authorization can be good for simple or relatively static security models, whereas permission based authorization is much more flexible. I don't think this should result in any API changes, but perhaps we should discuss this in our documentation. -- View this message in context: http://www.nabble.com/hasPermission-implies-t1016271c13668.html#a2639538 Sent from the Developer forum at Nabble.com. |
