Hi Yosi, What we implemented is essentially a data driven instance of the Strategy pattern. I'm not at liberty to divulge our design, but if you would like to investigate the use of our rules engine I'd be happy to hook you up with someone from EDS. Feel free to contact me directly.
Cheers, Ed -----Original Message----- From: Yosi Taguri [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 26, 2002 3:27 PM To: [EMAIL PROTECTED] Subject: Re: [ADVANCED-DOTNET] Authorization - more than just role based hi there... the magic lies in the rules engine. that what I was talking about when I wrote "MATCHING" u have a set of rules you need to validate and validate them fast. how did u do it? yosi On Mon, 25 Nov 2002 13:14:27 -0500, Pinto, Ed <[EMAIL PROTECTED]> wrote: >Yosi, >We have developed a general approach to this problem. >Define a request as an abstraction of a particular action within the system. > >Associate service oriented calls (ex. TransferMoney(...), or >CreateAccount(...)) with requests. >Use interception (Remoting Contexts, or HttpModules) on these service >oriented calls to then trigger authorization. From this interception >feed the Principal and the arguments to an authorization provider like >a rules engine, or specific rules code. > >Hope this helps, >Ed > >You can read messages from the Advanced DOTNET archive, unsubscribe >from Advanced DOTNET, or >subscribe to other DevelopMentor lists at http://discuss.develop.com. You can read messages from the Advanced DOTNET archive, unsubscribe from Advanced DOTNET, or subscribe to other DevelopMentor lists at http://discuss.develop.com. You can read messages from the Advanced DOTNET archive, unsubscribe from Advanced DOTNET, or subscribe to other DevelopMentor lists at http://discuss.develop.com.
