CHAPTER 21 Sample Application: Security

A white door in a hawthorn hedge– / Who lives through there? / A sorcerer? A wicked witch / With serpents in her hair? . . . / A queen with slippers made of ice? / I’d love to see. / A white door in a hawthorn hedge– / I wish I had a key.

—Richard Edwards (1949–), The Door

This chapter builds on the application you completed in Chapter 20 and implements authorization and authentication for the application. As shown in Figure 21-1, authorization for the TUHRA application is divided into four logical roles (represented by arrowed boxes): non-authenticated users (Public), the general user role (authenticated users without any specific privileges), the manager role, and the admin role. The application contains no hard-coded ...

