directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache Wiki <wikidi...@apache.org>
Subject [Directory Wiki] Update of "AuthXHome" by VincentTence
Date Wed, 14 Dec 2005 04:30:08 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Directory Wiki" for change notification.

The following page has been changed by VincentTence:
http://wiki.apache.org/directory/AuthXHome

------------------------------------------------------------------------------
  
  It's very easy to implement RBAC using AuthX rule mechanism. It's a
  matter of defining a set of rules that authorize access to a resource if
- a subject has a given principal - for instance , a specific
+ a subject has a given principal - for instance , a specific principal that represents
- RolePrincipal. But you can do much more with rules.
+ a role. But you can do much more with rules.
  
  The way you define your rules is pluggable in AuthX, and 2 mechanisms
  are provided out-of-the box.
@@ -118, +118 @@

  For example, if we want to grant any permissions to canadian people, we
  would write it like this in XML:
  
+ {{{
  <policy>
     <grant>
         <subjects>
@@ -128, +129 @@

         </permissions>
     <grant>
  </policy>
+ }}}
  
  And like this in groovy:
  
+ {{{
  class GrantCanadiansAnythingRule {
  
     evaluate( request ) {
@@ -139, +142 @@

             request.grant()
     }
  }
- 
+ }}}
  
  Using a scripted language is much more powerful than using XML.
  One could envision defining its own domain specific language,

Mime
View raw message