Flexess Security Modeler
The goal of the Flexess project is to provide an
extensible security framework for Java applications. The name Flexess
comes from: FLEXible accESS. Flexess is a component-based product, which adds to
the application access management capabilities. The solution allows to separate
security aspects from the main application logic. The product provides the
entire infrastructure starting from a tool, which allows creating an application
security model to the administrative web application, which manages the
assignments of the different access privileges to the users.
Main features:
- Security Modeling - Gives you possibility to create a model of the security features of the application. You can create a protected object Order, specify operations like "create", "read", "update", "delete" and provide constraints under which these operations are accessible.
- Role-Based Access Control - All the security aspects are modeled in terms of Users, Roles and Permissions.
- Parameterized Permissions - Permissions in Flexess are not strings, but can be parameterized with the attributes. For example, RegionalPermission has an attribute region and a constraint "Order.region=RegionalPermission .region". It means that this permission will be satisified, when the region attribute of Order matches the region attribute of the permission.
- Authorization - The minimal code can be done for authorization. To check if the user is authorized to create an order, you will need to invoke check(userId,order,"create").
- Authentication - Flexess provides an authentication module and can be integrated with existing authentication frameworks.
- Web Administration - Allows you to manage users, roles and permissions through the web interfaces.
- User Management- Maintains a database of users with customized user profiles.
Click on this link to get more detail: http://www.jresearchsoft.com/site/progView.do?id=200