Authorizathion Too Complex

Authorizathion Too Complex

Old forum URL: forums.lhotka.net/forums/t/7382.aspx

SkydiverFL posted on Saturday, August 01, 2009

Just watching video #2 for the first time. The authourization logic seems quite granular and tedious (having to specify read,write, and execute specifically for groups). Does anyone have any examples of doing this dynamically?

david.wendelken replied on Wednesday, August 05, 2009

It's only complex if you have complex requirements.  If you have simple requirements, it's a snap.

 

RockfordLhotka replied on Wednesday, August 05, 2009

Are you trying to restrict the read/write on every property in your app individually? That is complex, but is very rare.

Most properties of most apps are unrestricted - at least for read - and so require no code.

If you really do have super-granular authz requirements from your business users, then it is true that it can get complex - but that's true of any authz implementation with complex business requirements.

Can you clarify a bit as to why you expect this to become complex for you?

Copyright (c) Marimer LLC