
Thoughts on CSNS2 Security

The main goal of CSNS2 is to support multiple departments. From a security perspective, this requires that access control decisions be based on department-level roles instead of systemwide roles. For example, a CS department administrator should be able to manage all CS department resources, such as classes and surveys, but none of the Tech department resources. The security implementation should be clean (which means separating security code from application code), simple (by taking full advantage of what Spring Security provides), and, of course, efficient.
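The following sketch shows one way to make such a department-scoped decision with Spring Security's `PermissionEvaluator` interface. It is an added example, not CSNS2 code: the authority format `DEPT_ROLE_ADMIN_<abbreviation>`, the `DepartmentResource` interface, and the `manage` permission name are assumptions made for illustration. Systemwide `ROLE_ADMIN` is deliberately not treated as a department administrator here, since the role description does not grant that.

```java
import java.io.Serializable;
import java.util.Locale;
import org.springframework.security.access.PermissionEvaluator;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;

// Added example, not CSNS2 code. Assumption: a department-level role is held as
// the authority string "DEPT_ROLE_ADMIN_" + department abbreviation.
// Application code stays free of checks and declares only, for example:
//   @PreAuthorize("hasPermission(#survey, 'manage')")
public class DepartmentPermissionEvaluator implements PermissionEvaluator {

    // Hypothetical interface implemented by classes, surveys, and so on.
    public interface DepartmentResource {
        String getDepartmentAbbreviation();
    }

    @Override
    public boolean hasPermission(Authentication auth, Object target, Object permission) {
        // Fail closed on missing authentication, unknown target types and permissions.
        if (auth == null || !auth.isAuthenticated()
                || !(target instanceof DepartmentResource) || !"manage".equals(permission)) {
            return false;
        }
        return isDepartmentAdmin(auth, ((DepartmentResource) target).getDepartmentAbbreviation());
    }

    @Override
    public boolean hasPermission(Authentication auth, Serializable targetId,
            String targetType, Object permission) {
        // The owning department is unknown without loading the resource, so deny.
        return false;
    }

    static boolean isDepartmentAdmin(Authentication auth, String dept) {
        if (dept == null || dept.isEmpty()) {
            return false;
        }
        // Exact match, never startsWith/contains: an admin of "cs" must not
        // pass a check for a department abbreviated "cse".
        String required = "DEPT_ROLE_ADMIN_" + dept.toLowerCase(Locale.ROOT);
        for (GrantedAuthority granted : auth.getAuthorities()) {
            if (required.equals(granted.getAuthority())) {
                return true;
            }
        }
        return false;
    }
}
```

The evaluator only takes effect once it is registered with Spring Security's method-security expression handler and pre/post annotations are enabled.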

Roles

| Name | Level | Description |
|---|---|---|
| ROLE_ADMIN | Systemwide | A user with this role can create new departments and perform other system maintenance operations. |
| ROLE_USER | Systemwide | This role is assigned to users who have already logged in. |
| ROLE_GUEST | Systemwide | This role is assigned to users who are not logged in. |
| DEPT_ROLE_ADMIN | | |