openjpa-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mario Ds Briggs <mario.bri...@in.ibm.com>
Subject Re: Virtual Private Database
Date Tue, 28 Feb 2012 05:07:45 GMT
>>
Which makes me conclude that it can not be done in a vendor neutral
way. Am I missing something ?
<<

Often the common requirement is that all/any/direct SQL access to database
should obey the security/access control rules. Therefore one would need
implement this at the database level, so that all SQL access is now
controlled  rather than at the app level (and if you have done it at the
DB, you dont need to bother at the app).  Of course if you are not bothered
about direct SQL access and only your app's access, then maybe u do what u
are trying

Just my 2 cents

Mario



From:	Mansour Al Akeel <mansour.alakeel@gmail.com>
To:	users@openjpa.apache.org
Date:	02/28/2012 04:45 AM
Subject:	Virtual Private Database



Hello all,

I read on this page
http://en.wikibooks.org/wiki/Java_Persistence/Advanced_Topics#Filters, some
thing about filters. My understanding is that it creates multiple view for
the database.
I need to implement row level security depending on the user reading the
data. I know this can be in done in the DAOs. But since this is going to be
done in many places I am searching for a better option. Another option is
to do it in Aspect Oriented way. For a moment I though about extending the
EntityManager, and do what I need there.
Still I believe using filters the way it's described, is a cleaner approach
for what I am doing and if I understand it correctly.

Another option is http://jpasecurity.sourceforge.net/.

My first question is, does openjpa has something similar ?
The second question, I didn't find anything about these data filters in the
specs. Which makes me conclude that it can not be done in a vendor neutral
way. Am I missing something ?

If anyone had experience with similar situation, please share.


Thank you.



Mime
View raw message