W3C home > Mailing lists > Public > public-rww@w3.org > November 2012

Re: [WAC] regexps in WebAccessControl

From: mike amundsen <mamund@yahoo.com>
Date: Sun, 18 Nov 2012 12:09:35 -0500
Message-ID: <CAPW_8m7OacAVt0J+V=PmMJ8nqnX8jt-doUOhiumJL1xOEeBYbw@mail.gmail.com>
To: nathan@webr3.org
Cc: Ruben Verborgh <ruben.verborgh@ugent.be>, Read-Write-Web <public-rww@w3.org>
ok, can't let this go....

This couples your access control to your URI structure.
yes, it does.

i *always* (as far back as i can remember) secure the interface (resources
on the server) via the URL. in fact, i use:

Access[true/false] = (URL + Protocol_Method + User_Identity)

for first-line authorization.

tell me why this is a problem.

skype: mca.amundsen

On Sun, Nov 18, 2012 at 10:49 AM, Nathan <nathan@webr3.org> wrote:

> Ruben Verborgh wrote:
>>  It is often useful to be able to specify that all resources in a
>>> collection ( a directory ) or a whole namespace (say all resources
>>> under /user/jack/.*
>> This couples your access control to your URI structure. Iím not sure you
>> want to do that.
> Agreed.
Received on Sunday, 18 November 2012 17:10:22 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:40:04 UTC