W3C home > Mailing lists > Public > public-rww@w3.org > November 2012

Re: [WAC] regexps in WebAccessControl

From: Henry Story <henry.story@bblfish.net>
Date: Sun, 18 Nov 2012 20:50:53 +0100
Message-Id: <C36EEFD1-733D-4624-AE79-74E418904474@bblfish.net>
To: Ruben Verborgh <ruben.verborgh@ugent.be>, Read-Write-Web <public-rww@w3.org>

On 18 Nov 2012, at 15:58, Ruben Verborgh <ruben.verborgh@ugent.be> wrote:

>> It is often useful to be able to specify that all resources in a 
>> collection ( a directory ) or a whole namespace (say all resources
>> under /user/jack/.*
> This couples your access control to your URI structure. Iím not sure you want to do that.

It does not force you to do that, it allows you to do it. In many cases it is perfectly
legitimate to do that, and in fact one very popular interpretation of REST people
think that nice readable URIs is a good thing. I think you'll find that in many
web apps such namespace hierarchies are what web server's do naturally. In fact just
think of Apaches ~name hierarchy as a clear example.

You can use both together. Your ACL document could say:

  []  wac:accessToClass [ wac:regex "http://joe.example/blog/.*" ];
      wac:accessTo <http://joe.example/feed>
      wac:agentClass foaf:Agent;
      wac:mode wac:Read .

Of course you don't need regex's at all. See all the examples on
for examples of that.

For large sites and Apache web servers on the other hand 
it could make things a lot more efficient though.

Ah don't forget that you can also have one ACL file link to other ACL
files to include them.


> Ruben

Social Web Architect

Received on Sunday, 18 November 2012 19:51:26 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:40:04 UTC