Differences between current version and predecessor to the previous major change of RobertButler/Authorization.
Other diffs: Previous Revision, Previous Author
| Newer page: | version 4 | Last edited on Thursday, 27 March 2008 15:19:38 | by RobertButler | |
| Older page: | version 3 | Last edited on Thursday, 13 March 2008 5:12:12 | by CyberLeo | Revert |
@@ -2,10 +2,11 @@
!!! [HMAC Authorization|RobertButler/Authorization]
* ACL-type
* Groupings possible (which inherit groups of ACLs)
+** Groups are users with one level of indirection.
* Permissions based
** Expensive permissions checks are done once, when asking for permission
** Permissions only requested when needed for the session
*** Saves processing time for simple one-time actions
** Once permission is granted, token is 'upgraded' to include the requested permission
** Frequent permissions checks check only the token, not the ACL table.
current version
HMAC Authentication
HMAC Authorization
- ACL-type
Groupings possible (which inherit groups of ACLs)
- Groups are users with one level of indirection.
Permissions based
- Expensive permissions checks are done once, when asking for permission
Permissions only requested when needed for the session
- Saves processing time for simple one-time actions
- Once permission is granted, token is 'upgraded' to include the requested permission
- Frequent permissions checks check only the token, not the ACL table.