Index: topia-security/src/java/org/codelutin/topia/security/listener/VetoablePropertyListener.java diff -u topia-security/src/java/org/codelutin/topia/security/listener/VetoablePropertyListener.java:1.1 topia-security/src/java/org/codelutin/topia/security/listener/VetoablePropertyListener.java:1.2 --- topia-security/src/java/org/codelutin/topia/security/listener/VetoablePropertyListener.java:1.1 Mon Sep 25 13:24:40 2006 +++ topia-security/src/java/org/codelutin/topia/security/listener/VetoablePropertyListener.java Fri Sep 29 15:50:07 2006 @@ -24,16 +24,17 @@ * Created: 10 févr. 2006 * * @author Arnaud Thimel -* @version $Revision: 1.1 $ +* @version $Revision: 1.2 $ * -* Mise a jour: $Date: 2006/09/25 13:24:40 $ +* Mise a jour: $Date: 2006/09/29 15:50:07 $ * par : $Author: ruchaud $ */ - package org.codelutin.topia.security.listener; +import java.util.Arrays; import java.util.Collection; +import java.util.List; import org.codelutin.topia.event.TopiaEntityEvent; import org.codelutin.topia.event.TopiaEntityListener; @@ -68,11 +69,15 @@ * (non-Javadoc) * @see org.codelutin.topia.event.TopiaEntityLoadListener#entityLoaded(org.codelutin.topia.event.TopiaEntityLoadEvent) */ - public void entityLoaded(TopiaEntityLoadEvent event) { + public void entityLoaded(TopiaEntityLoadEvent event) { Collection topiaEntities = event.getTopiaEntities(); for (Object object : topiaEntities) { TopiaEntityAbstract entity = (TopiaEntityAbstract) object; - entity.addVetoableReadListener(readListener); + Class[] interfaces = entity.getClass().getInterfaces(); + List asList = Arrays.asList(interfaces); + if (!asList.contains(NoEntityVetoableReadListener.class)) { + entity.addVetoableReadListener(readListener); + } entity.addVetoableChangeListener(writeListener); } } 
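Review bot: The opt-out test in entityLoaded relies on `entity.getClass().getInterfaces()`, which returns only the interfaces declared directly on the runtime class, so a marker inherited from a superclass or through a sub-interface is not seen and the read listener is attached anyway; `if (!NoEntityVetoableReadListener.class.isAssignableFrom(entity.getClass()))` covers the whole hierarchy and does away with the raw `Class[]`/`List` locals. The same three lines are repeated in the second hunk of this file (`@@ -85,7 +90,11 @@`) and in loadEntity in VetoableEntityListener, so a small static helper such as `isReadCheckExempt(Class<?> c)` would keep the three copies in step. As written the behaviour fails closed (a subclass that does not redeclare the marker is still checked), which is the safer direction if it is intended; a one-line comment saying so would stop the next reader from "fixing" it.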
@@ -85,7 +90,11 @@ Collection topiaEntities = event.getTopiaEntities(); for (Object object : topiaEntities) { TopiaEntityAbstract entity = (TopiaEntityAbstract) object; - entity.addVetoableReadListener(readListener); + Class[] interfaces = entity.getClass().getInterfaces(); + List asList = Arrays.asList(interfaces); + if (!asList.contains(NoEntityVetoableReadListener.class)) { + entity.addVetoableReadListener(readListener); + } entity.addVetoableChangeListener(writeListener); } } Index: topia-security/src/java/org/codelutin/topia/security/listener/VetoableEntityListener.java diff -u topia-security/src/java/org/codelutin/topia/security/listener/VetoableEntityListener.java:1.1 topia-security/src/java/org/codelutin/topia/security/listener/VetoableEntityListener.java:1.2 --- topia-security/src/java/org/codelutin/topia/security/listener/VetoableEntityListener.java:1.1 Mon Sep 25 13:24:40 2006 +++ topia-security/src/java/org/codelutin/topia/security/listener/VetoableEntityListener.java Fri Sep 29 15:50:07 2006 @@ -24,9 +24,9 @@ * Created: 10 févr. 2006 * * @author Arnaud Thimel -* @version $Revision: 1.1 $ +* @version $Revision: 1.2 $ * -* Mise a jour: $Date: 2006/09/25 13:24:40 $ +* Mise a jour: $Date: 2006/09/29 15:50:07 $ * par : $Author: ruchaud $ */ 
@@ -34,20 +34,31 @@ import static org.codelutin.topia.security.util.TopiaSecurityUtil.CREATE; import static org.codelutin.topia.security.util.TopiaSecurityUtil.DELETE; +import static org.codelutin.topia.security.util.TopiaSecurityUtil.LOAD; import static org.codelutin.topia.security.util.TopiaSecurityUtil.checkPermission; +import java.security.AccessController; +import java.security.Principal; +import java.util.Arrays; +import java.util.List; + +import javax.security.auth.Subject; + import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.codelutin.topia.TopiaException; import org.codelutin.topia.event.TopiaVetoableEntityEvent; import org.codelutin.topia.event.TopiaVetoableEntityListener; +import org.codelutin.topia.event.TopiaVetoableEntityLoadEvent; +import org.codelutin.topia.event.TopiaVetoableEntityLoadListener; +import org.codelutin.topia.security.TopiaSecurityManagerImpl; /** * Listenner permettant de vérifier les autorisations pour la création ou la * suppression d'une entité. * @author ruchaud */ -public class VetoableEntityListener implements TopiaVetoableEntityListener { +public class VetoableEntityListener implements TopiaVetoableEntityListener, TopiaVetoableEntityLoadListener { private static Log log = LogFactory.getLog(VetoableEntityListener.class); 
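Review bot: The class Javadoc kept in this hunk still describes the listener as checking permissions for creating or deleting an entity, but the class now also implements TopiaVetoableEntityLoadListener and records load decisions, so the summary is incomplete. The file's Javadoc is in French, so the sentence should follow it, e.g. `* suppression d'une entité, ainsi que pour mémoriser le résultat du contrôle de chargement.`. The new loadEntity method itself is in the next hunk of this file.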
@@ -79,6 +90,38 @@ } } + /* + * (non-Javadoc) + * @see org.codelutin.topia.event.TopiaVetoableEntityLoadListener#loadEntity(org.codelutin.topia.event.TopiaVetoableEntityLoadEvent) + */ + public boolean loadEntity(TopiaVetoableEntityLoadEvent event) { + boolean check = true; + + Class[] interfaces = event.getEntityClass().getInterfaces(); + List asList = Arrays.asList(interfaces); + if (!asList.contains(NoEntityVetoableReadListener.class)) { + if (log.isDebugEnabled()) { + log.debug("[Security] load entity : " + event.getId()); + } + try { + checkPermission((String)event.getId(), LOAD); + + } catch (TopiaException te) { + check = false; + } + } + + /* Mise en cache */ + Subject subject = Subject.getSubject(AccessController.getContext()); + if (subject != null) { + for (Principal principal : subject.getPrincipals()) { + TopiaSecurityManagerImpl.cachingLOAD.put(check, event.getId(), principal.getName()); + } + } + + return true; + } + /* (non-Javadoc) * @see org.codelutin.topia.event.TopiaVetoableEntityListener#updateEntity(org.codelutin.topia.event.TopiaVetoableEntityEvent) */ Index: topia-security/src/java/org/codelutin/topia/security/listener/PropertyWriteListener.java diff -u topia-security/src/java/org/codelutin/topia/security/listener/PropertyWriteListener.java:1.1 topia-security/src/java/org/codelutin/topia/security/listener/PropertyWriteListener.java:1.2 --- topia-security/src/java/org/codelutin/topia/security/listener/PropertyWriteListener.java:1.1 Mon Sep 25 13:24:40 2006 +++ topia-security/src/java/org/codelutin/topia/security/listener/PropertyWriteListener.java Fri Sep 29 15:50:07 2006 
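Review bot: The load decision is cached under every principal name of the current Subject (`cachingLOAD.put(check, event.getId(), principal.getName())`), while the consumer in PropertyReadListener.vetoableChange folds the cached values of the reader's principals together with `check |= (Boolean) object`; a grant computed for one Subject is therefore found by any other Subject that shares a principal name, such as a group or role principal, and becomes a grant for it. Keying the cache on the whole Subject (for instance the sorted set of its principal names) or only on the principal that checkPermission actually evaluated would close that. The method also always returns true, so the veto interface never vetoes; if enforcement is deliberately deferred to the property-read listener that deserves a comment, `// never veto here: the decision is cached and enforced by PropertyReadListener`, and the caught TopiaException should at least be logged at debug level so denied loads are visible. When no Subject is bound to the access-control context nothing is cached and a denial is dropped entirely. I cannot see cachingLOAD itself; if it has no invalidation, a decision cached here outlives later permission changes.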
@@ -33,7 +33,7 @@ import org.codelutin.topia.persistence.TopiaEntityAbstract; /** - * Listenner permettant de vérifier les autorisations pour le chargement d'une + * Listenner permettant de vérifier les autorisations pour le modification d'une * propriété sur une entités. * @author ruchaud */ Index: topia-security/src/java/org/codelutin/topia/security/listener/PropertyReadListener.java diff -u topia-security/src/java/org/codelutin/topia/security/listener/PropertyReadListener.java:1.1 topia-security/src/java/org/codelutin/topia/security/listener/PropertyReadListener.java:1.2 --- topia-security/src/java/org/codelutin/topia/security/listener/PropertyReadListener.java:1.1 Mon Sep 25 13:24:40 2006 +++ topia-security/src/java/org/codelutin/topia/security/listener/PropertyReadListener.java Fri Sep 29 15:50:07 2006 @@ -26,16 +26,19 @@ import java.beans.PropertyChangeEvent; import java.beans.PropertyVetoException; import java.beans.VetoableChangeListener; -import java.util.Arrays; -import java.util.List; +import java.security.AccessController; +import java.security.Principal; + +import javax.security.auth.Subject; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.codelutin.topia.TopiaException; import org.codelutin.topia.persistence.TopiaEntityAbstract; +import org.codelutin.topia.security.TopiaSecurityManagerImpl; /** - * Listenner permettant de vérifier les autorisations pour la modification d'une + * Listenner permettant de vérifier les autorisations pour la chargement d'une * propriété sur une entités. * @author ruchaud */ 
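Review bot: Both Javadoc edits in these two hunks get the French article wrong: in PropertyWriteListener the line should read `* Listenner permettant de vérifier les autorisations pour la modification d'une` (modification is feminine), and in PropertyReadListener `* Listenner permettant de vérifier les autorisations pour le chargement d'une` (chargement is masculine). The rest of the PropertyReadListener hunk only swaps imports and needs nothing further.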
@@ -51,14 +54,28 @@ public void vetoableChange(PropertyChangeEvent event) throws PropertyVetoException { Object source = event.getSource(); TopiaEntityAbstract entity = (TopiaEntityAbstract) source; - - Class[] interfaces = entity.getClass().getInterfaces(); - List asList = Arrays.asList(interfaces); - if (asList.contains(NoEntityVetoableReadListener.class)) { - if (log.isDebugEnabled()) { - log.debug("[Security] load granted to : " + entity.getTopiaId()); + + /* Vérification dans le cache */ + Subject subject = Subject.getSubject(AccessController.getContext()); + if (subject != null) { + boolean check = false; + boolean modified = false; + + for (Principal principal : subject.getPrincipals()) { + Object object = TopiaSecurityManagerImpl.cachingLOAD.get(entity.getTopiaId(), principal.getName()); + + if(object != null) { + check |= (Boolean) object; + modified = true; + } + } + + if(modified) { + if(!check) { + throw new SecurityException("Access denied to Read entity " + entity + " on " + event.getPropertyName()); + } + return; } - return; } try {
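Review bot: The SecurityException thrown on a cached denial embeds `entity` itself, so whatever the entity's toString() prints — possibly the property values this listener exists to protect — ends up in the exception message and in any log that records it; use the identifier already used as the cache key instead: `throw new SecurityException("Access denied to Read entity " + entity.getTopiaId() + " on " + event.getPropertyName());`. The early return for entities implementing NoEntityVetoableReadListener was removed here and now depends on loadEntity having cached a grant for the Subject; when no Subject is bound, or the entity was not loaded through that listener, control falls through to the `try {` block, whose body lies outside the hunk, so I cannot confirm that exempt entities are still exempt on that path. vetoableChange continues past the end of the hunk.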