12 Access Control Lists

In this chapter, we will address the complex topic of Access Control Lists (ACLs), which can provide a rich model of domain object instance-level authorization. Spring Security ships with a robust, but complicated, ACL module that can serve the needs of small to medium-sized implementations reasonably well.

In this chapter, we’ll cover the following topics:

Understanding the conceptual model of an ACL
Reviewing the terminology and application of ACL concepts in the Spring Security ACL module
Building and reviewing the database schema required to support Spring ACL
Configuring the Jim Bob CP Calendar (JBCP) calendar to use ACL-secured business methods via annotations and Spring beans
Performing advanced configuration, ...

Get Spring Security - Fourth Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Spring Security - Fourth Edition by Badr Nasslahsen

12

Access Control Lists

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly