How to connect ACL with protected resources?

What is the best way to connect an ACL with a secure resource?

1) Should the protected resource contain a link to its ACL?

interface AclHolder {
    Acl getAcl();
}

That would be simple, but if an object lives in a database, it must be constructed before access permissions can be verified.

2) Spring Security uses a mechanism with the fully qualified class name and object identifier to attach and retrieve ACLs from the outside. This can lead to the n + 1 select problem, since several ACLs cannot be selected by a specific criterion. This system can break down if class names change during refactoring.

3) Another way could be to save a reference to a protected resource in the ACL. With lazy loading, you could check the ACL without loading a protected resource from the database.

class Acl<T> {
    @Lazy public T protectedResource;
    // acl methods ...
}

4) (, ):

class SecurityDescriptor<T> {
  public Acl acl;
  @Lazy public T protectedResource;
  // ...
}

?

:. AclHolder, , ACL, .

+3
1

spring acl , , , acl, , spring -security annotations, , u dont n + 1, , , jdbc.
, acl_class , , . spring -security acl- - acl (, ur , ).

0
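
An added example (not part of the original question or answer, and not Spring Security's code) of the externally attached ACL from options 2 and 3: ACLs are keyed by a stable type key plus identifier and fetched in one batch, so permissions are checked before any protected object is loaded. All names (AclBatchCheck, ObjectRef, findAcls, the "document" type key) and the sample data are hypothetical; it assumes Java 16+ for records.

```java
import java.util.*;
import java.util.stream.*;

public class AclBatchCheck {
    // Stable type key ("document") instead of a fully qualified class name,
    // so renaming or moving the Java class does not orphan stored ACLs.
    record ObjectRef(String typeKey, long id) {}
    enum Permission { READ, WRITE }
    // One ACL per protected object: principal -> granted permissions.
    record Acl(ObjectRef target, Map<String, Set<Permission>> grants) {
        boolean allows(String principal, Permission p) {
            return grants.getOrDefault(principal, Set.of()).contains(p);
        }
    }

    // Stand-in for the ACL table (constructed sample data).
    static final Map<ObjectRef, Acl> ACL_TABLE = Stream.of(
            new Acl(new ObjectRef("document", 1), Map.of("alice", Set.of(Permission.READ, Permission.WRITE))),
            new Acl(new ObjectRef("document", 2), Map.of("bob", Set.of(Permission.READ))),
            new Acl(new ObjectRef("document", 3), Map.of("alice", Set.of(Permission.READ))))
        .collect(Collectors.toMap(Acl::target, a -> a));

    static int lookups = 0; // counts round trips to the store

    // One round trip for all references, like a single "WHERE (type, id) IN (...)" query.
    static Map<ObjectRef, Acl> findAcls(Collection<ObjectRef> refs) {
        lookups++;
        Map<ObjectRef, Acl> found = new HashMap<>();
        for (ObjectRef r : refs) {
            Acl acl = ACL_TABLE.get(r);
            if (acl != null) found.put(r, acl);
        }
        return found;
    }

    // Returns only the ids the principal may read; a missing ACL means deny.
    static List<Long> readableIds(String principal, List<ObjectRef> candidates) {
        Map<ObjectRef, Acl> acls = findAcls(candidates);
        return candidates.stream()
            .filter(r -> acls.containsKey(r) && acls.get(r).allows(principal, Permission.READ))
            .map(ObjectRef::id)
            .collect(Collectors.toList());
    }

    public static void main(String[] args) {
        List<ObjectRef> refs = LongStream.rangeClosed(1, 4)
            .mapToObj(i -> new ObjectRef("document", i)).collect(Collectors.toList());
        System.out.println(readableIds("alice", refs) + " in " + lookups + " lookup(s)");
    }
}
```

Only the ids returned by readableIds need to be loaded as full objects afterwards; document 4 has no ACL row and is denied by default.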

Source: https://habr.com/ru/post/1732563/

