Rule-Based Access Control

“Although Web servers can perform user authentication and coarse-grained authorization checking for applications, developers of Web services and SOAs often must write custom code to restrict access to certain features of their system, or customize the behavior or appearance, based on the identity of a user. Embedding authorization checking within an application is inflexible, prone to error, and increases its complexity. What if it were data-driven instead of implemented by program logic?”


  1. 2006-12-15 8:39 am
  2. 2006-12-15 10:30 am
  3. 2006-12-15 11:59 am