[Haskell-cafe] no Web-Security component in Haskell?
42 views
Skip to first unread message
Thomas Koch
May 17, 2015, 2:09:26 AM5/17/15
to haskel...@haskell.org
Hallo,
I did not found anything comparable to Spring Security[1][2] (Java) or Symfony
Security[3] (PHP) in Haskell. Both components are used in web applications to
grant or deny access to resources based on roles, ACLs or custom voters.
A naive strategy would be to port the concepts of both components, which are
very similar, to Haskell. They represent a lot of accumulated knowledge from
many experts about web security.
Or are there better ways to do web security in a powerful language like
Haskell?
Regards, Thomas Koch
[1] http://projects.spring.io/spring-security
[2] http://docs.spring.io/autorepo/docs/spring-security/3.1.7.RELEASE/apidocs
[3]
http://api.symfony.com/master/Symfony/Component/Security/Core/SecurityContext.html
_______________________________________________
Haskell-Cafe mailing list
Haskel...@haskell.org
http://mail.haskell.org/cgi-bin/mailman/listinfo/haskell-cafe
I did not found anything comparable to Spring Security[1][2] (Java) or Symfony
Security[3] (PHP) in Haskell. Both components are used in web applications to
grant or deny access to resources based on roles, ACLs or custom voters.
A naive strategy would be to port the concepts of both components, which are
very similar, to Haskell. They represent a lot of accumulated knowledge from
many experts about web security.
Or are there better ways to do web security in a powerful language like
Haskell?
Regards, Thomas Koch
[1] http://projects.spring.io/spring-security
[2] http://docs.spring.io/autorepo/docs/spring-security/3.1.7.RELEASE/apidocs
[3]
http://api.symfony.com/master/Symfony/Component/Security/Core/SecurityContext.html
_______________________________________________
Haskell-Cafe mailing list
Haskel...@haskell.org
http://mail.haskell.org/cgi-bin/mailman/listinfo/haskell-cafe
Thomas Koch
May 23, 2015, 9:46:42 AM5/23/15
to haskel...@haskell.org, web-...@haskell.org
// moving the question with more info from haskell-cafe to web-devel
Hallo,
I already wrote a message with the same subject to haskell-cafe without reply.
I did not found anything comparable to Spring Security[1][2] (Java) or Symfony
Security[3] (PHP) in Haskell. Both components are used in web applications to
grant or deny access to resources based on roles, ACLs or custom voters.
been removed from git now.
[4] https://groups.google.com/forum/#!topic/snap_framework/yUgSEVpP2GE
There seem to be a more modern (and more complex) thing than Role-Based-
Access-Control now, XACML[5] which is used inside Red Hats JBoss[6].
[5] http://en.wikipedia.org/wiki/XACML
[6] http://picketlink.org/about
Regards, Thomas Koch
Hallo,
I already wrote a message with the same subject to haskell-cafe without reply.
I did not found anything comparable to Spring Security[1][2] (Java) or Symfony
Security[3] (PHP) in Haskell. Both components are used in web applications to
grant or deny access to resources based on roles, ACLs or custom voters.
[1] http://projects.spring.io/spring-security
[2] http://docs.spring.io/autorepo/docs/spring-security/3.1.7.RELEASE/apidocs
[3]
http://api.symfony.com/master/Symfony/Component/Security/Core/SecurityContext.html
[2] http://docs.spring.io/autorepo/docs/spring-security/3.1.7.RELEASE/apidocs
[3]
http://api.symfony.com/master/Symfony/Component/Security/Core/SecurityContext.html
A naive strategy would be to port the concepts of both components, which are
very similar, to Haskell. They represent a lot of accumulated knowledge from
many experts about web security.
Or are there better ways to do web security in a powerful language like
Haskell?
There was some unfinished role-based-access-control effort in snap[4] that has
very similar, to Haskell. They represent a lot of accumulated knowledge from
many experts about web security.
Or are there better ways to do web security in a powerful language like
Haskell?
been removed from git now.
[4] https://groups.google.com/forum/#!topic/snap_framework/yUgSEVpP2GE
There seem to be a more modern (and more complex) thing than Role-Based-
Access-Control now, XACML[5] which is used inside Red Hats JBoss[6].
[5] http://en.wikipedia.org/wiki/XACML
[6] http://picketlink.org/about
Regards, Thomas Koch
José A. Romero L.
May 28, 2015, 2:23:31 PM5/28/15
to tho...@koch.ro, Haskell Café
There's yesod-auth:
http://www.yesodweb.com/book/authentication-and-authorization
https://hackage.haskell.org/package/yesod-auth
Cheers,http://www.yesodweb.com/book/authentication-and-authorization
https://hackage.haskell.org/package/yesod-auth
--
José A. Romero L.
escher...@gmail.com
"We who cut mere stones must always be envisioning cathedrals."
(Quarry worker's creed)
escher...@gmail.com
"We who cut mere stones must always be envisioning cathedrals."
(Quarry worker's creed)
Reply all
Reply to author
Forward
0 new messages