Pyntax

Aggregating the Future

access control java rest api security spring

Simple Attribute-Based Access Control With Spring Security

ByMostafa Eltaher

Jun 5, 2017

DZone

Introduction

Have you ever worked on software where the access rules are based not only on the user’s role but also on the specific entity that role was granted on (i.e. Scoped Roles), something like "Project Manager can add users to HIS PROJECT ONLY", "Store Agent can access Store Information for HIS STORE ONLY",  or "Document Owner can modify HIS DOCUMENTS"?

Or, where the access rules are based on context, where the access happens, like time, user-network, or channel (like web-site, mobile-app, some-internal-system, etc.). For example "This resource can be accessed only DURING OFFICE HOURS or ONLY FROM OFFICE NETWORK"?

Source: DZone

By Mostafa Eltaher

Related Post

cassandra java software architecture software architecture design visualization

The Power of Software Visualization

May 30, 2021 Alexander Von Zitzewitz
java log4j spring boot spring boot tutorial spring boot tutorial for beginners video

How to Configure log4j2 In a Spring Boot Application? | Spring Boot Logging [Video]

May 29, 2021 Ram N
cloud native java kotlin spring

Cloud Native Java by Josh Long

May 28, 2021 Otavio Santana

You missed

Uncategorized

Teslas made in Texas will likely have to leave the state before Texans can buy them

May 30, 2021 A Word From Our Sponsor
Uncategorized

MagSafe used to fish out iPhone 12 Pro dropped in canal

May 30, 2021
Uncategorized

Wacom Cintiq Pro 24 Touch review: Beautiful but needs improvement

May 30, 2021
Uncategorized

Google made it hard for users to keep location data private

May 30, 2021