Web 2.0 Access Control: Part 3

This is the final article in a three-part series on Web 2.0 access control. In preceding articles we described how the principles of user-centric identity and organization-centric authorization support the "outsourcing" of access control in Web application development. We recommended a set of access control "best practices."

In this article we look at an example of these practices in action using a dummy PHP application called FooApp. The examples make use of DACS – the Distributed Access Control System. DACS provides lightweight, high-performance distributed access control and single sign-on across a federation of Apache HTTP servers.

At the heart of DACS is a powerful “rules engine” which enforces organization access control policies expressed in a compact XML syntax. The DACS engine is the basis for an Apache module, mod_auth_dacs, which implements access control on all “DACS-wrapped” Web content and services served by Apache. The same rules engine drives a standalone command, dacscheck, which may be used by any application (Web or otherwise) to externalize access control logic. Another command, dacstransform, dynamically customizes the content of an HTTP response based on attributes of the request. The author’s demonstration site provides numerous examples of DACS lightweight access control.


About The Author

Deepak Gupta is an IT & Web Consultant. He is the founder and CEO of diTii.com & DIT Technologies, where he's engaged in providing Technology Consultancy, Design and Development of Desktop, Web and Mobile applications using various tools and software.