Help coderanch get a
new server
by contributing to the fundraiser
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

security: declarative vs. programmatic

 
Trailboss
Posts: 23815
IntelliJ IDE Firefox Browser Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Cliff,

Does your book make any recommendations on which is the better model for security: declarative vs. programmatic ???
 
Ranch Hand
Posts: 138
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Exceptions : Declarative or Programmatic???
[ January 18, 2006: Message edited by: Hemant Agarwal ]
 
Author
Posts: 22
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Paul,

The question is, again, a good one. Unfortunately the answer is not simpmle.

There is lots of ground to cover here, and I won't address it all in this posting. E.g., there is programmatic access control, and there is rule-based access control.

Rule-based policy systems are problematic because they require an administrator to define rules about applications, and administrators generally do not understand business applications or even want to. My book talks about the distinction of access control rules and access control policy configuration. The former should be defined by the application builder, possibly using a programmatic approach; the latter should be set by the application administrator. The rules can be complex, but the policy set by an administrator should be simple and declarative.
 
I have always wanted to have a neighbor just like you - Fred Rogers. Tiny ad:
We need your help - Coderanch server fundraiser
https://coderanch.com/t/782867/Coderanch-server-fundraiser
reply
    Bookmark Topic Watch Topic
  • New Topic