Web Application - User Management - RBAC

Remi Delon remi at cherrypy.org
Fri Aug 27 18:26:59 CEST 2004


> I would like to implement RBAC(Role Based Access Control) in the app. How would
> one best go about that ?

Well, CherryPy comes with a module called "CookieSessionAuthenticate"
but it provides only 2 states: either a user is logged or he's not.
If a user is logged in then you'll get automatically his username.
You'll have to write your own code that checks the privileges that
this user has and if he's allowed to do such and such action or not.

It also depends on what level of precision you want the privileges to
have (it could be at the URL level or at the individual function call
level) ...

But overall, it shouldn't be too hard to implement thanks to Python
:-)

Regards,

Remi.



More information about the Python-list mailing list