Default Authorization Providers

They rely on the model information for deciding on the required authorizations and the attributes that are authorization-relevant.

If the modeled authorizations are sufficient for the application, no further action must be taken. The default authorization provider is instantiated transparently and used by the SADL Engine.

If they are not sufficient, the application may use a parameterized generic authorization provider (if applicable), or create and provide its own authorization provider, as described in the following paragraphs.

Authorization providers created and registered by the application will always overwrite default authorization providers.