Authorize with Access Control Lists

Authentication is usually half of what you need from your auth process. You authenticate to know who’s behind the client so you can then complete the auth process by authorizing whoever is behind the client for whatever action they’ve attempted. As I mentioned earlier, authorization is the process of verifying what someone has access to.

The simplest way to implement authorization is with an access control list (ACL).[26] An ACL is a table of rules where each row says something like “Subject A is permitted to do action B on object C.” For example: Alice is permitted to read Distributed Services with Go. In this example, Alice is the subject, to read is the action, and Distributed Services with Go is the object. ...
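A minimal sketch of such a table in Go, added here as an illustration and not taken from the book: each row is a subject, action and object, and a request is authorized only when an exact row matches, so anything unlisted is denied. The `Rule`, `ACL`, `ParseACL` and `Authorize` names and the comma-separated policy text are assumptions made for this example.

```go
package main

import (
	"fmt"
	"strings"
)

// Rule is one ACL row: Subject is permitted to do Action on Object.
type Rule struct{ Subject, Action, Object string }

// ACL holds allow rules only; any request without a matching row is denied.
type ACL map[Rule]struct{}

// SamplePolicy is constructed for this example (the format is an assumption).
const SamplePolicy = "# subject, action, object\nAlice, read, Distributed Services with Go\n"

// ParseACL reads one "subject, action, object" rule per line; malformed lines are errors.
func ParseACL(policy string) (ACL, error) {
	acl := ACL{}
	for n, line := range strings.Split(policy, "\n") {
		line = strings.TrimSpace(line)
		if line == "" || strings.HasPrefix(line, "#") {
			continue
		}
		f := strings.Split(line, ",")
		if len(f) != 3 {
			return nil, fmt.Errorf("line %d: want 3 fields, got %d", n+1, len(f))
		}
		r := Rule{strings.TrimSpace(f[0]), strings.TrimSpace(f[1]), strings.TrimSpace(f[2])}
		if r.Subject == "" || r.Action == "" || r.Object == "" {
			return nil, fmt.Errorf("line %d: empty field", n+1)
		}
		acl[r] = struct{}{}
	}
	return acl, nil
}

// Authorize returns nil only when an exact matching row exists (default deny).
func (a ACL) Authorize(subject, action, object string) error {
	if _, ok := a[Rule{subject, action, object}]; !ok {
		return fmt.Errorf("%q is not permitted to %s %q", subject, action, object)
	}
	return nil
}

func main() {
	acl, err := ParseACL(SamplePolicy)
	fmt.Println(err, acl.Authorize("Alice", "read", "Distributed Services with Go"), acl.Authorize("Bob", "read", "Distributed Services with Go"))
}
```

Matching is exact and case-sensitive, and a nil or empty `ACL` denies every request, so a policy that fails to load cannot grant access by accident.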
