With the advent of general access computer networks, such as the Internet, people now have ready access to various computing and/or networking resources. Unfortunately, some people have taken advantage of such easy access, thus requiring the development of various authorization systems for authorizing resource access.
Various techniques are employed by such authorization systems. For example, some systems define an access control query, which uses a data path mechanism to dynamically create additional filter criteria to attach to a target query. As yet another example, traditional systems have also defined protection mechanism using hard-coded logic (e.g. one for protecting an account, one for sales opportunities, etc.), where restrictions are built directly into each operation or query to be protected.
Still yet, additional systems replicate relevant relational application data into an external security system. Such security system may take the form of an LDAP repository with a security framework such as a Java authentication and authorization system (JAAS), etc. As still yet another example, other systems have been developed which run a security check to disable an access button or the like for each protected resource. Still other systems trap a security check from a JAAS or the like, and run a query to check permissions.
Unfortunately, the foregoing techniques are plagued with drawbacks such as a lack of performance or effectiveness, possibly including, but not limited to a lack of ability to define new authorization roles during operation, a lack of ability to assign permissions dynamically during operation, etc.
There is thus a need for overcoming these and/or other problems associated with the prior art.