Ask HN: Practical ways to handle authorization logic

1 points by brentjanderson ↗ HN
There doesn't seem to be a generally accepted approach to express and apply Authorization Logic. Ruby on Rails popularized a certain style of web application framework (MVC, ActiveRecord). Is there a similar set of concepts for applying a flexible authorization scheme generally?

* Many applications use ACLs ("If you're an admin, you can do this thing") * some use variations of RBAC * Most seem home-rolled in some way, and existing frameworks seem too complicated/opinionated

0 comments

[ 0.30 ms ] story [ 8.1 ms ] thread

No comments yet.