New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SEC-840: Allow the rolePrefix to be set through Namespace Configuration #1098

Closed
spring-issuemaster opened this Issue May 18, 2008 · 4 comments

Comments

Projects
None yet
1 participant
@spring-issuemaster
Copy link

spring-issuemaster commented May 18, 2008

Gunnar Hillert(Migrated from SEC-840) said:

The new namespace configuration for spring security is awesome. However, I wonder if it might be possible to add a feature that would also allow to define the RoleVoter’s rolePrefix through Spring’s XML namespaces.

Right now I need to do define 2 beans the ‘traditional way’ in order to define the roleVoter e.g.:



This is a rather minor issue but I if there is any further simplification possible in that regard, that would be great. This issue was also discussed here on the forum:

http://forum.springframework.org/showthread.php?p=178371

@spring-issuemaster

This comment has been minimized.

Copy link
Author

spring-issuemaster commented May 28, 2008

Luke Taylor said:

I’m inclined to say that this is a “won’t fix” for the time being, largely because there isn’t an obvious place to put the information – the concept of a role prefix is pretty much specific to the RoleVoter and there isn’t currently any part of the namespace which is specific to RoleVoter or indeed for configuring an AccessDecisionManager. We could provide a reduced syntax for this but it would really just be a shorthand for the bean configuration – it doesn’t take much traditional bean configuration to add an AccessDecisionManager. It would just be something like

I would like to look into a more generalized syntax for mapping the loading of attributes from storage and their use in the framework, since this is rather arbitrarily spread amongst the data loading classes – this would cover not just whether a prefix should be added, but also whether the values should be converted to upper case etc.

@spring-issuemaster

This comment has been minimized.

Copy link
Author

spring-issuemaster commented Jul 17, 2008

Luke Taylor said:

As explained, it wouldn’t be a good idea to allow the RoleVoter prefix to be set through the namespace as the syntax would be somewhat artificial (and would be confusing if an external AccessDecisionManager was configured). The overall strategy needs more thought.

@spring-issuemaster

This comment has been minimized.

Copy link
Author

spring-issuemaster commented Jun 13, 2012

Eugen Paraschiv said:

Hi,
Since this was a rather old issue, was there any followup/new issues to track any of the work discussed here?
Thank you.
Eugen.

@spring-issuemaster

This comment has been minimized.

Copy link
Author

spring-issuemaster commented Jun 13, 2012

Rob Winch said:

The approach to configure items not in the namespace is to use a BeanPostProcessor as described in the FAQ. I do not really see this getting added to the namespace configuration as it is a less commonly used configuration. Adding less common configuration options to the namespace will lead to making it just as complex as the standard configuration.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment