ESAPI Access Control

Revision as of 08:44, 11 December 2008 by Jerryh (Talk | contribs)

Jump to: navigation, search

Feature Overview


Possible Enhancements

Currently the access controller simply allows for lookup on an access control matrix. Enhancements will allow for special function(s) to be created for more complex access control rules (for example, a user has access to a file but only Monday - Friday, not on weekends).

So the simple case (lookup in an access control matrix:

  • isValid(user, action_string)

Custom Case

  • isValid(user, action_string, data)