Anton, Thanks for your comments. First let me em...

2012-01-28T18:51:14.342+11:00

Anton,

Thanks for your comments.

First let me emphasise: the above is just what has worked for us, in my opinion. So I'm not saying "db sequences with increasing ids are not good" as a general rule.

However let's say you need 'fine-grained' security. Not just Role Customer can access '/order' and cannot access '/admin'. But more subtle rules like 'Customer ABC can see their order number 123, and so can Account Manager XYZ, but Customer DEF mustn't'. It's very easy to get such rules wrong: to miss some permutation and accidentally allow the wrong role to access the wrong data.

The main way they will 'access the wrong data' is by using the ID of the wrong data. Customer DEF might, for example, try to hit a URL '/order?id=123'. So a great first line of defense is to protect those IDs. We do this in two ways.

First, we make them unguessable because they are not just incrementing. Second, we encrypt them to the logged-in user's password. That way, even if someone is 'looking over your shoulder', the IDs they see on the URL will not work for them.

Perfect post! Empty JSF/CDI bean classes are frust...

2012-01-28T02:20:43.572+11:00

Perfect post! Empty JSF/CDI bean classes are frustrating and boilerplate so the generic EL resolver is a really good idea, also search object is great! Could not understand the UUID idea - why the db sequences with increasing ids is not good? If the user does not have the access to the entity 124 but has for 123 - system must check this and redirect to error page or show illegal access message. Also could not understand the need to generate names of fields - this may make the developing and debuging process much more difficult though security reasons are not clear..
Thanks.

Comments on Kennard Consulting's Blog: What Do You Want In A Generic DAO API?

Anton, Thanks for your comments. First let me em...

Perfect post! Empty JSF/CDI bean classes are frust...