Introduction
Ralasafe is a fine-grained ACL middleware written in java. Security policies are decoupled from business code, centralized and managed with GUI. It can be learned in 5 minutes, only little IT knowledge is required.
Unlike TAM(IBM Tivoli Access Manager) nor OES(Oracle Entitlements Server), ralasafe is lightweight, and the process of querying data from database can be controlled. Unlike SS(Spring Security), ralasafe acts as a service, rather than a framework, with almost no Java/XML programming.
Ralasafe is available under MIT license.
Situation Examples:
- ERP: The manager of head office can query all bills, while the manager of California branch can only query California and its sub-branchs' bills;
- ATM withdraw: the withdrawal limit is set to be $5,000 each time, and the total daily withdrawal limit should be less than $20,000;
- Web elements like combox: when the manager of head office logins, all branch organizations will be displayed; while manager of California branch logins, displays California's sub-branchs will be displayed.
- ......
Benefit:
- Optimizing the system structure by decoupling security policies from business codes;
- Out-of-box for use, no need to change your system and database. It's not a framework;
- Saving a lot of programming: almost all queries programming and all policy decisions programming;
- Controllable security for end-users;
- Less influence when the requirement is changed.
