wiki:S3/S3AAA

Version 6 (modified by Dominic König, 11 years ago) ( diff )

--

S3 Authentication, Authorization and Accounting

Authentication is the act of establishing or confirming someone's identity.
Authorization is the concept of allowing access to resources only to those permitted to use them.
Accounting refers to the tracking of user actions - an audit trail.

Overview

AAA functions for S3 are implemented in the modules/s3/s3aaa.py module. This module extends the web2py Auth class as AuthS3 (Authentication), and defines additional classes for role management, access control and audit.

ComponentLocationFunction
AuthS3modules/s3/s3aaa.pyAuthentication, Login
S3Permissionmodules/s3/s3aaa.pyAuthorization of Access, ACLs
S3Auditmodules/s3/s3aaa.pyData access logging, audit trail
S3RoleManagermodules/s3/s3aaa.pyRESTful method to manage roles and ACLs
Admin controllerscontrollers/admin.pyUser Management, role management

Roles

ACLs

Record Ownership

Controller Restriction

Resource Restriction

Implementation of Access Control

s3_has_permission

s3_accessible_query

Data Access Logging (Audit)

Authentication

Interactive Login

HTTP Simple Authentication


DeveloperGuidelinesS3Framework

Note: See TracWiki for help on using the wiki.