My workflow is
1.) UI is build based on a user account's assigned roles and their containing access permissions
2.) User account selects menu item (= access permission) in UI.
3.) App figures out which of the assigned roles of the account contain the access permission for the selected menu item.
4.) App figures out which data the user account can see based on the active roles calculated in 3.) and filters the data accordingly before sending it to the client UI.
To make 4.) possible a customer can assign "accessible data" to each role of a given user account. So "accessible data" can vary between user accounts for the same role.
If I am not totally wrong I think JAAS can't help me here and I did not find a lot of information about JASPI but maybe my googling is just bad in this case. Currently the above is a custom implementation but I am wondering if its a "lets re-invent the wheel" thing.
You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group.
To unsubscribe from this group and stop receiving emails from it, send an email to email@example.com.
To post to this group, send email to firstname.lastname@example.org.
Visit this group at http://groups.google.com/group/google-web-toolkit.
For more options, visit https://groups.google.com/groups/opt_out.