BlogJava-paulwong-随笔分类-权限管理http://www.blogjava.net/paulwong/category/53284.htmlzh-cnSun, 26 Mar 2017 17:57:11 GMTSun, 26 Mar 2017 17:57:11 GMT60SPRING CLOUD JWT资源http://www.blogjava.net/paulwong/archive/2017/03/24/432401.htmlpaulwongpaulwongFri, 24 Mar 2017 15:11:00 GMThttp://www.blogjava.net/paulwong/archive/2017/03/24/432401.htmlhttp://www.blogjava.net/paulwong/comments/432401.htmlhttp://www.blogjava.net/paulwong/archive/2017/03/24/432401.html#Feedback0http://www.blogjava.net/paulwong/comments/commentRss/432401.htmlhttp://www.blogjava.net/paulwong/services/trackbacks/432401.htmlhttps://github.com/thomas-kendall/trivia-microservices


一个Spring Boot, JWT,AugularJS接口安全验证的简单例子
http://blog.csdn.net/offbye/article/details/47607711



https://github.com/tuanngda/spring-boot-oauth2-demo


Spring Oauth2 with JWT Sample
http://www.tuicool.com/articles/EjUFZj7


http://stackoverflow.com/questions/38156213/spring-cloud-zuul-jwt-for-value-reference-tokens

paulwong 2017-03-24 23:11 发表评论
]]>权限管理要点参考http://www.blogjava.net/paulwong/archive/2013/01/28/394846.htmlpaulwongpaulwongMon, 28 Jan 2013 09:34:00 GMThttp://www.blogjava.net/paulwong/archive/2013/01/28/394846.htmlhttp://www.blogjava.net/paulwong/comments/394846.htmlhttp://www.blogjava.net/paulwong/archive/2013/01/28/394846.html#Feedback0http://www.blogjava.net/paulwong/comments/commentRss/394846.htmlhttp://www.blogjava.net/paulwong/services/trackbacks/394846.html


算法:



说明:
http://lilyproject.org/books/daisy_docs_book--2_3/publications/html-chunked/output/s182.html

注意:
此处的ACL可以是一个系统多个的,如某些情况用不同的ACL。
资源:可以指文档ID,页面ID之类的,由于文档可能很多个,因此用表达式代替之。
角色:指ROLE/USER之类的。
动作(PERMISSION):指操作类型,如读、写、删除等。
结果(ACTION):指GRANT、DENNY等。
具体实现方式:根据表达式进行运算,看哪个表达式为TRUE,则用哪个,再传入PERMISSION 类型,角色,看ACTION是GRANT还是DENNY,如果是GRANT则授权通过,DENNY则授权不通过。

paulwong 2013-01-28 17:34 发表评论
]]>