> Adrian,
> The problem of assigning permissions to the user is that they are "static,"
> i.e., the user will keep those permissions for other calls. If one wanted
> more "dynamic" permission capabilities, that authenticates user for a
> specific functionality at a specific time, there doesn't seem to be a way
> other than "system" userLogin.
> Vinay
>
> -----Original Message-----
> From: [hidden email] [mailto:[hidden email]]
> On Behalf Of Adrian Crum
> Sent: Thursday, May 18, 2006 9:47 AM
> To: OFBiz Users / Usage Discussion
> Subject: Re: [OFBiz] Users - Security API: What am I missing?
>
> No, it's best to determine what permissions the services are looking for and
>
> assign those permissions to the user. You might need to assemble them into a
>
> security group and assign that group to the user.
>
> Vinay Agarwal wrote:
>
>
>>That's the easy way of doing it which is essentially a custom security
>>function. This poses another problem that once you have authenticated a
>>userLogin to do something, other services may block that userLogin from
>
> some
>
>>required stuff. Is changing userLogin to "system" the best way to do it?
>>
>>Vinay
>>
>
>
>  
> _______________________________________________
> Users mailing list
> [hidden email]
> http://lists.ofbiz.org/mailman/listinfo/users
>