我正在开发一个在JSP中用于GAE的应用程序。我们拥有一个包含Google Apps for Business的私人域,这意味着该应用程序仅适用于我的组织成员。不过,我想限制这些权限,以便只有特定的用户才能访问该应用。更好的是我想创建角色。不幸的是,从域管理页面,我无法为GAE应用程序定义权限。有什么我失踪?我必须手动处理它们吗?如果是这样,怎么样?唯一出现在我脑海的是一张电子表格,我在那里保存了权限,但这并不是那么聪明......谢谢。
解决方案我需要一个封闭的业务应用程序并编写自定义代码。 Java设计的每个安全对象都有一个。每个ACL保存为一个字符串,用于最少的数据存储开销并根据需要进行重构。资源访问被类似的东西守护:
if(resource.permissions.granted(user,operation){
/ /执行操作
} else {
//发送信息性'拒绝访问'响应
}
I am developing an application on GAE in JSP. We have a private domain with Google Apps for Business, that means that the application is only available for members of my organization. However I would like to restrict that permissions so that only certain users can access the app. Even better I would like to create roles. Unfortunately from the Domain Admin page I am not able to define permissions for the GAE application. Is there something I am missing? Do I have to handle them manually? If so, how? The only thing that came to my mind is a Spreadsheet where I save the permissions but that's not so clever... Thank you.
I needed that for a closed business application and wrote custom code. The Java design had an Access Control List per securable object. Each ACL was saved as a single String for least Datastore overhead and reconstructed on demand. Resource access was guarded with something like:
if (resource.permissions.granted(user, operation) {
// do the operation
} else {
// send an informative 'access denied' response
}
这篇关于如何处理GAE应用程序中的权限的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!