Hi Elad
I've integrated the Sun XACML library into a cocoon project recently for handling authorization. It provides policy-based access
for resources, where policy rules are evaluated using subject, resource, and environment attributes. Let me know if you'd like
further information.
Cheers Adam
On 7 Apr, 2005, at 12:20 AM, Messing, Elad wrote:
Hello All
������� I am looking for the best way to handle authorization in my application.
������� Authentication is handled nicely by the Auth. Framework, but I cannot seem to find the hook for the authorization..
������� What I mean is, once a user is requesting for a resource, the Auth.
Framework is checking if the user authenticated - I.E. already passed through the login procedure, and now has a session with the auth.
Context etc. This is good, but I also need to check if the user - now that I know it has been authenticated - has the authorization of accessing the specific resource.
������� I was looking for an "Authorizator" interface, or something similar, to allow me a hook where I can introduce the code that will use the user's Role, with my database of permissions. I cannot seem to find it..
������� What would you suggest ?
������� Thank you !
Elad Messing
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
