Only bound users will have access to page "Personal Area > Home".
Moreover bound users will have access to expenses sheet edition form, even if
they don't have access to "Cost > Expenses" page.
Finally users with role ROLE_SUERUSER, ROLE_SUERUSER or ROLE_TIMESHEETS will
have access to monthly timesheets edition page.
FEA: ItEr76S30PermissionsEnhancements
New role ROLE_WS_SUBCONTRACTING has been created, now the web services are
separated in two parts:
* Common web services are allowed to be read by role ROLE_WS_READER and written
by role ROLE_WS_WRITER
* Subcontracting web services are allowed to be read and written by role
ROLE_WS_SUBCONTRACTING
In this way you can give access to a different companies to your subcontracting
services, however prevent them to access to the rest of your data (via common
web services).
FEA: ItEr76S30PermissionsEnhancements
For the moment the same behavior than before the authentication filter is kept.
Later it will be used to do some redirects depending on if the user is bound or
not to any resource.
In order to define a custom authentication filter it's needed to set
auto-config="false" see
http://static.springsource.org/spring-security/site/docs/2.0.x/reference/ns-config.html#ns-auto-config
We also need an entry point specified by "entry-point-ref" attribute.
FEA: ItEr76S28UserDashboard
