This gives access to the Edu3.Service.* namespace (so all Classes starting with Edu3.Service) for users with the admin role.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 | <security> <secure-resources> <secure-resource> <resource>Edu3.Service.*</resource> <constraint-name>Constraint.Grant.Edu3.Service.*</constraint-name> </secure-resource> </secure-resources> <access-constraints> <access-constraint action="grant"> <name>Constraint.Grant.Edu3.Service.*</name> <role>admin</role> </access-constraint> </access-constraints> </security> |
If you want to give access to a user with admin AND author role you’ll need to write this:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 | <security> <secure-resources> <secure-resource> <resource>Edu3.Service.*</resource> <constraint-name>Constraint.Grant.Edu3.Service.*</constraint-name> </secure-resource> </secure-resources> <access-constraints> <access-constraint action="grant"> <name>Constraint.Grant.Edu3.Service.*</name> <role>admin</role> <role>author</role> </access-constraint> </access-constraints> </security> |
If you want to give access to a user with admin OR author role you’ll need to write this:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 | <security> <secure-resources> <secure-resource> <resource>Edu3.Service.*</resource> <constraint-name>Constraint.Grant.Admin.Edu3.Service.*</constraint-name> </secure-resource> <secure-resource> <resource>Edu3.Service.*</resource> <constraint-name>Constraint.Grant.Author.Edu3.Service.*</constraint-name> </secure-resource> </secure-resources> <access-constraints> <access-constraint action="grant"> <name>Constraint.Grant.Admin.Edu3.Service.*</name> <role>admin</role> </access-constraint> <access-constraint action="grant"> <name>Constraint.Grant.Author.Edu3.Service.*</name> <role>author</role> </access-constraint> </access-constraints> </security> |
You have a lot of access-constraints that you can choose from like ip constraints:
1 2 3 4 5 6 7 8 9 | <access-constraint action="grant"> <name>everyone</name> <IP>*.*.*.*</IP> </access-constraint> <access-constraint action="reject"> <name>noone</name> <IP>*.*.*.*</IP> </access-constraint> |
More information –> Check these links
http://www.themidnightcoders.com/doc30/ –> Search for Authentication and Authorization
http://www.adobe.com/devnet/flex/articles/net_security.html