ACL vs ROLE question
This topic is closed

  • ACL vs ROLE question

    I have a web application that implements a service frontend with many query services exposed to many users.
    To understand the size of the application we can suppose a number of 100 services and a number of about 8000 users.
    Each user may or may not have access to one service.

    I cannot understand if it is better to set up a role for each service or make a single role for authenticated users and manage the authorization problem via ACL.

    Thanks.

  • #2
    So you're basically asking if you should go for ACL or ROLE based security? I think it very much depends on what you are trying to do. What your requirements are. What kind of security you are trying to implement. Etc. Personally, ROLE based is very simple, straightforward and people generally understand it. If it makes sense, I would go with that. If roles aren't a natural fit, then ACL might make more sense.


    • #3
      Does this mean I have either Roles OR ACLs?

      Because I am rewriting the security functionality for a Spring Webapp and I am collecting requirements right now to form a decision on how to implement the security features. If this is such an atomic decision, please let me know.


      • #4
        I don't think it's an either/or thing. I'm pretty sure I've read posts from people using a combination; you'd have to look into this.


        • #5
          Thanks. From your other post I got the impression that you explicitly stated that it is either/or.


          • #6
            Originally posted by grandfatha:
            Thanks. From your other post I got the impression that you explicitly stated that it is either/or.
            No, I was simply trying to clarify what the actual question was. I thought it was "should I use ACL or ROLE?". I've never tried to use both so I really don't know, I guess you'd just have to give it a go. Apologies for any confusion.


            • #7
              Alright, that made things clear. If I remember correctly, the Contacts Sample uses both Roles and ACL. But I am not sure.


              • #8
                Thanks for the tip. I haven't looked at this in a while but I'll check it out later!


                • #9
                  I checked it yesterday. It uses both, the only problem is... the example only contains *.class files. I can't figure out how the magic is done.


                  • #10
                    I'm guessing you should be able to check out the source from the CVS repository.


                    • #11
                      Oh, I did not know it was in there. I'll have a look at it. Thanks for the advice. (Why do I have to think about AOP whenever I use the word advice...)


                      • #12
                        Originally posted by grandfatha:
                        Oh, I did not know it was in there. I'll have a look at it. Thanks for the advice. (Why do I have to think about AOP whenever I use the word advice...)
                        Probably for the same reason in my head people that write code in Groovy must all be tie-dye-wearing hippies.


                        • #13
                          Haha, very nice!
