Hi,
I would like to implement a user base (using
J2EE declarative security) with the following relationship hierarchy :
Users:
user = 100, usergroup = 11;
UserGroups:
usergroup = 10, groupname=agent, parentgroup = 5;
usergroup = 11, groupname=privatesupplier, parentgroup = 5;
usergroup = 5, groupname=supplier, parentgroup = 1;
usergroup = 1, groupname=user, parentgroup=0;
This is so that if I say isUserInRole(supplier) in a
servlet or
JSP, I know I'm dealing with all users in this group as well as all users in all child groups. Or in other words I need to know whether a user is a descendent of a particular ancestor.
I am using a DatabaseServerLoginModule(which comes with
JBoss) which queries the following two tables in order to authenticate the user:
Table Principals(PrincipalID text, Password text)
Table Roles(PrincipalID text, Role text, RoleGroup text)
How could I implement my usergroup hierarchy strategy using principals, roles and rolegroups if I wanted to reuse the existing tables and its data as a source for
authorization ?
Thanks
Joe