Interesting, I found another Apache incubating project called OpenAZ that aimed to supply tools and libs for ABAC(Attribute-based Access Control) development:
https://wiki.apache.org/incubator/OpenAZProposal Can I ask why another access control project under Apache? Can anyone here please help me how can I implement a attribute-based access control, does Shiro have natural support for ABAC, or using other opensource project like OpenAZ(still incubating though)? On Sat, May 21, 2016 at 2:29 PM, Sigmund Lee <[email protected]> wrote: > We need a *externalized *access control system since authorization we > currently implemented is hard-coded everywhere and was so hard to maintain. > So I googled and found a interesting article on Shiro official site: > > > http://shiro.apache.org/2011/05/24/the-new-rbac-resource-based-access-control.html > > About models of Access Control, there are many: > https://en.wikipedia.org/wiki/Access_control#Access_control_models > > But *Resource-Based Access Control* is not on the list, and I cant find > any page on web about this model except above link. > > So my question is, is this *Resource-Based Access Control *similar or* > identical to* ABAC(Attribute-based access control)? Can I *adopt* Shiro > as our Access Control solution based on *attributes of* Subject/user, > *resource*(aware of this, that's why role-based access control is > inappropriate) and environment/context? > > >
