[[auth:intro|Intro]]
[[auth:ex1|Ex1]]
[[auth:ex2|Ex2]]
[[auth:ex3|Ex3]]
[[auth:ex4|Ex4]]====== Authentication: Enforce appropriate role ======

Of course, the ''@Authenticated'' annotations can specify stronger requirements than simply an authenticated user. For example, moving entire lines should only be allowed for supervisors.

Change your aspect to verify that the user is authenticated and holds at least the role specified by the ''value()'' of the ''@Authenticated'' annotation.

<note tip>
Employ the ''@annotation(//Var//)'' primitive pointcut to bind the annotation of a join point to a variable. 

You can compare two ''Role'' objects by comparing their ''ordinal()'' values.
</note>

Rerun the figure editor to verify your aspect. As before, you should be presented with an authentication dialog when you create a first point. Login as a normal user and create more points and lines. Now try to move a line. At this point, the authentication dialog should return. Change the role to supervisor to continue.

----

Continue with [[auth:ex4|Exercise 4]].