ERP
BonBon Slick, 2021-03-26 00:12:14

How stubborn is XACML?

It's hard for me to imagine what the system should be like.

  1. As I understand it, it will be cheaper to take it to a microservice, right?
  2. What is the size of the application, the company to use such a tool?
  3. In what situations and under what tasks can it be rationally, consciously applied?


As I understand it, everyone implements RBAC, the maximum ACL is self-written, simple or more advanced. This covers 99% of cases, although it imposes restrictions in terms of flexibility. Less common ABAC and more advanced XACML are the most flexible examples I've seen, but a clear overkill for almost all projects. RBAC and ACL are good, but up to a certain point.
Until you have 100,000+ roles or 1,000,000,000,000+ AE entries in the

Attribute-Based Access Control in Symfony

UPD ACL. In the end, I implemented a simple ACL specifically for my domain, which is much better than digging into the hierarchy of roles or multi-roles in RBAC.


1 answer(s)
Ivan Shumov, 2021-03-26
@BonBonSlick

It is not overkill, because many libraries and services implement it today. You don't even need to know about it. Look towards casbin or OpenPolicyAgent.
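To make the RBAC versus ABAC/XACML trade-off discussed in this thread concrete, here is an added example (not code from either poster, and not casbin or Open Policy Agent code) of a toy XACML-style decision point in Python. The attribute names and the invoice policy are hypothetical, and the combining algorithm is a simplified, stricter form of deny-overrides than the XACML specification defines.

```python
# Added example: toy XACML-style decision point; not a real XACML engine.
from dataclasses import dataclass
from typing import Callable, Sequence

PERMIT, DENY = "Permit", "Deny"
NOT_APPLICABLE, INDETERMINATE = "NotApplicable", "Indeterminate"

@dataclass(frozen=True)
class Rule:
    effect: str                        # PERMIT or DENY
    condition: Callable[[dict], bool]  # predicate over request attributes

def evaluate_rule(rule: Rule, request: dict) -> str:
    try:
        return rule.effect if rule.condition(request) else NOT_APPLICABLE
    except KeyError:
        # A missing attribute is an evaluation error, not a silent non-match.
        return INDETERMINATE

def deny_overrides(rules: Sequence[Rule], request: dict) -> str:
    """Simplified deny-overrides: Deny wins, then errors, then Permit."""
    results = [evaluate_rule(rule, request) for rule in rules]
    for outcome in (DENY, INDETERMINATE, PERMIT):
        if outcome in results:
            return outcome
    return NOT_APPLICABLE

def is_allowed(rules: Sequence[Rule], request: dict) -> bool:
    """Enforcement point: fail closed unless the decision is an explicit Permit."""
    return deny_overrides(rules, request) == PERMIT

# Hypothetical invoice policy: three rules cover every department and limit.
INVOICE_POLICY = (
    Rule(PERMIT, lambda r: r["action"] == "read"
         and r["subject.department"] == r["resource.department"]),
    Rule(PERMIT, lambda r: r["action"] == "approve"
         and r["subject.department"] == r["resource.department"]
         and r["resource.amount"] <= r["subject.approval_limit"]),
    # Separation of duties: nobody approves an invoice they wrote.
    Rule(DENY, lambda r: r["action"] == "approve"
         and r["subject.id"] == r["resource.author_id"]),
)

# Constructed sample request: a sales clerk approving a colleague's invoice.
SAMPLE = {
    "action": "approve", "subject.id": "u1", "subject.department": "sales",
    "subject.approval_limit": 1000, "resource.department": "sales",
    "resource.author_id": "u2", "resource.amount": 500,
}

if __name__ == "__main__":
    print(deny_overrides(INVOICE_POLICY, SAMPLE))                          # Permit
    print(deny_overrides(INVOICE_POLICY, {**SAMPLE, "subject.id": "u2"}))  # Deny
```

With plain RBAC the same constraints would need a role per department and approval limit, and the author check could not be expressed as a role at all.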
