In this chapter, we focused on access control list based security and the specific details of how this type of security is implemented by the Spring ACL module. We did the following:
- Reviewed the basic concept of access control lists, and the many reasons why they can be very effective solutions to authorization.
- Learned key concepts related to the Spring ACL implementation, including access control entries, SIDs, and object identity.
- Examined the database schema and logical design required to support a hierarchical ACL system.
- Configured all the required Spring Beans to enable the Spring ACL module, and enhanced one of the service interfaces to use annotated method authorization. We then tied the existing users in our database, and business ...