S
ssouthwe
Guest
Considering that PASOE uses the oeablSecurity.csv file to setup ACLs for various resources and verbs, I wonder if there is a way to access that programmatically from within the ABL? Assuming there is an application with many resources and many groups, I would like to find a way to provide the front-end with a list of resources and verbs that the currently logged-in user can run, so that the front end can correctly display valid options for the user. The only ways i can think of right now: 1. Have ABL code parse the oeablSecurity.csv file and use that to match up with the client principal object's groups to provide the list. 2. Don't use oeablSecurity.csv / Spring for securing resources, but instead have the webhandlers check some internal table at runtime. Use that same table to tell the front end what can and can't be run. I am not really fond of either answer, but I know I don't want the front end hard-coding what it displays based on what user groups could access what at design time. I'm also not crazy about making the application's security dependent on a static CSV file that is tied more towards URL patterns in a particular order than actual back-end resources. Has anyone done anything creative to solve these problems?
Continue reading...
Continue reading...