Documentation

Trace:

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
jvx:server:security:object_method_access [2018/02/02 08:53]
admin
jvx:server:security:object_method_access [2020/06/25 10:52] (current)
cduncan
Line 1: Line 1:
 ~~NOTRANS~~ ~~NOTRANS~~
-~~Title: Precise ​object ​and method security~~+~~Title: Precise ​Object ​and Method Security~~
  
-If you use a [[jvx:​server:​security:​manager|SecurityManager]],​ you can restrict the access to life-cycle objects. But sometimes you need restrictions for custom objects or methods of a life-cycle object.+If you use a [[jvx:​server:​security:​manager|SecurityManager]],​ you can restrict the access to life cycle objects. But sometimes you need restrictions for custom objects or methods of a life cycle object.
  
-We are not big fans of "​configuration til death" because config files are not more than config files. Nobody should fill config files with application logic. Keep your logic in your source code.+We are not big fans of "​configuration til death" because config files are nothing ​more than config files. Nobody should fill config files with application logic. Keep your logic in your source code.
  
 If you implement ''​com.sibvisions.rad.server.security.IObjectAccessController'',​ you'll have full control over object and method calls. The interface offers following methods: If you implement ''​com.sibvisions.rad.server.security.IObjectAccessController'',​ you'll have full control over object and method calls. The interface offers following methods:
Line 19: Line 19:
 </​file>​ </​file>​
  
-The first method checks if it's allowed to call an object from a life-cycle object. You have access to all relevant objects like life-cycle object, called object and the object name.+The first method checks if it's allowed to call an object from a life cycle object. You have access to all relevant objects like life cycle object, called objectand the object name.
  
-The second method checks if it's allowed to call a method from an object. You have access to all relevant information like object to call, method name, parameter and the object instance itself.+The second method checks if it's allowed to call a method from an object. You have access to all relevant information like object to call, method name, parameterand the object instance itself.
  
 == Example == == Example ==
Line 58: Line 58:
 </​file>​ </​file>​
  
-We use the object name for our checks. It is also possible to check class names or instances. It also is not a problem to read the configuration from XML fileif you think it's better.                              ​+We use the object name for our checks. It is also possible to check class names or instances ​and is not a problem to read the configuration from an XML file if you prefer.                              ​
This website uses cookies for visitor traffic analysis. By using the website, you agree with storing the cookies on your computer.More information