This chapter discusses the kernel layer, which provides services used by several parts of the WAF system. This component was initially explained in Section 1.2.1 Kernel. This discussion focuses on the various parts of the kernel component which a developer will need in building for WAF.
For information on how to utilize the kernel in WAF applications, see Chapter 10 Kernel Tutorial.
Applications have users. A user is a person who uses an application to accomplish some purpose. In order to serve the needs of users, applications store information about the users. This information is used to personalize content, check the permission of a user initiated operation, and to provide information about a user to other users.
Users are organized into groups. The users in a groups are said to be members of the group. Groups can also be members of groups. A group exists so that several users and groups can be collectively identified as an entity.
Groups and users are the two types of parties. This parties system is one of the pieces of the kernel. The ability to refer to an entity that may be a group or a user provides flexibility to application authors in writing data models. An example is the definition of a group itself: 1 or more parties. This definition is recursive, but that recursion reflects the flexibility of having a party type.