Versions Compared

Old Version 3

changes.mady.by.user Patrick Ahmed (Unlicensed)

Saved on

compared with

New Version 4

changes.mady.by.user Patrick Ahmed (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

There are many different ways of doing authorization with Ceptor - ranging from simple role-based authorization checking in the Ceptor Gateway before a request is allowed to continue over centrally configured attribute-based checking to complete custom scripts which can implement any kind of checking they wish based upon the available information about the user, his roles, the resource he is attempting to access, and the data he is accessing it with.

...

An ACL might have a number of data policies attached to it that is used for Attribute-Based Access Control (ABAC) or it might only be a simple ACL with simple group membership.

...

Note that the view of DataPolicyEntry above is somewhat simplified - in reality, it contains several more attributes such as java class/methods names, C program / function names etc. that are used depending on what policy implementations are in use.

ABAC (Attribute-Based Access Control)

Attribute-Based Access Control or ABAC differs from RBAC in the sense that access decisions are based upon attributes, it can be anything from department or job function to haircolor, shoesize or time of day.

...