// moving the question with more info from haskell-cafe to web-devel
Hallo,
I already wrote a message with the same subject to haskell-cafe without reply.
I did not found anything comparable to Spring Security[1][2] (Java) or Symfony
Security[3] (PHP) in Haskell. Both components are used in web applications to
grant or deny access to resources based on roles, ACLs or custom voters.
A naive strategy would be to port the concepts of both components, which are
very similar, to Haskell. They represent a lot of accumulated knowledge from
many experts about web security.
Or are there better ways to do web security in a powerful language like
Haskell?
There was some unfinished role-based-access-control effort in snap[4] that has
been removed from git now.
[4]
https://groups.google.com/forum/#!topic/snap_framework/yUgSEVpP2GE
There seem to be a more modern (and more complex) thing than Role-Based-
Access-Control now, XACML[5] which is used inside Red Hats JBoss[6].
[5]
http://en.wikipedia.org/wiki/XACML
[6]
http://picketlink.org/about
Regards, Thomas Koch