directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alex Karasulu <>
Subject Re: [authx] Help with complicated authorization
Date Fri, 17 Jun 2005 19:31:13 GMT
Richard Wallace wrote:

> Anyways, I'm trying to figure out how to do authorization.  
> Authentication is pretty simple I think, but the authorization is 
> pretty complex.  Instead of a user having or not having permission to 
> access a page (container webapp security) or having or not having 
> permissions to run certain actions (JAAS), we need finer grained 
> permissions based on objects and the users relationship to the object.

Aye I think this was the reason why we started authx.

> What we have is basically a project and task management tool for our 
> organization.

[Off Topic]

I'd stick to good old JIRA for that if I were you.  Perhaps you can work 
with customized workflows using their permission schemes in JIRA and 
Confluence?  It would get you there faster and the Atlassian guys have 
the product down in terms of user interfaces.  It costs practically 
nothing to get an Enterprise License ... like 3-4K.  Development time 
would cost much more. 

> I'm wondering how I might implement this with AuthX.  Do I simply 
> create custom permissions classes, like ProjectPermission and 
> TaskPermission?  Then, when implementing the implies() method what do 
> I do?  Is that where I would do these checks to see if the user has 
> the required ability to do the desired operation?
> I think I'm a little lost because of all the groovy stuff.  Does 
> anyone have an example app that I can work from that doesn't have groovy?

Yeah the Groovy scripting throws me off too.  I have not seen any 
applications built on this.  Vince might have something for you to look 
at though. 

Sorry for not having a concrete answer for you.

View raw message