Force-Field
-
Version
4.1.0
The component accomplishes main tasks in building a
security scheme for your application. It performs
authentification and authorization of users: controls
access of certain users to some system objects.
The core advantages
ž Reducing of development costs by using third-party
software.
ž The component can be integrated with an application
on any phase of the project.
ž Security scheme is easy to change; you don't have
to modify the source code of your application. Just
add new access rules using the component.
How does it work?
Users are organized into groups (roles). Access rules
are defined not only for a certain user, but for all
members of a group. All objects of an application are
organized into a hierarchical structure. On the top
level there is a root object. The list of user's
roles is inherited when we move between different
levels of structure. There is an access class
associated with every object. An access class
contains a number of rules. System receives a user
request to perform a certain operation. It checks
access class of this object by looking for a rule
matching given situation. A rule can contain
instruction to inherit the result of access control
from the parent object. In this case system checks
access permissions of the parent object. The result
(admittance or prohibition) is used to answer to the
request. If the rule isn't found, the operation is
considered as forbidden. Access classes support
inheritance. In that case a child class inherits all
rules from the base class. If you need to set special
access rules for a certain object, you could create
an implicit class. It can be independent or based on
an existent access class.
The component can be integrated with an application
on any phase of the project.
|