To configure security on a component property or method, add a property or method tag within the resource tag. The property and method tags allow you to specify at the property or method level to which users have access for the specified property or method.
In the following example, property1 and methodA in /some/Component can be accessed only by the admin user. property2 and methodB can be accessed by anyone because security has been disabled on it.
<rest-security> <default-acl>Profile$role$restUser:read,write,execute"</default-acl> <resource component="/some/Component"> <default-acl value="Profile$login$admin:read,write,execute;Profile$role$restUser:read"/> <property name="property1"> <acl value="Profile$login$admin:read,write"/> </property> <property name="property2" secure="false"/> <method name="methodA"> <acl value="Profile$login$admin:execute"/> </property> <method name="methodB" secure="false"/> </resource> <resource component="/some/other/Component" secure="false"/> </rest-security>
Methods which are overloaded and have different security requirements require a signature attribute, available on the method tag. This attribute allows for a Java method signature that uniquely identifies the method.
