Access Control Lists

Use

A development component (DC) can restrict the number of DCs that are allowed to use it. To do this, you define an Access Control List (ACL). Only those DCs that are named in this ACL are allowed to declare dependencies to the DC. In the same sense, a public part may grant access only to selected other DCs. Access can be granted on any level of a DC hierarchy. The purpose of an ACL is to restrict the number of allowed dependencies.

The component model allows you to specify, for each individual grant in an ACL, whether entity forwarding is allowed. This flag determines whether a using Development Component (DC) may have entity references to the affected public part(s) of the used DC. This gives you two ways of granting access to using components:

  • Forwarding Allowed=true: The using component may use the DC and forward the public part content as part of its own public part. This includes the option to publish this content with a less restrictive ACL. Granting access to a DC with forwarding allowed means you highly trust the owner of that DC.

  • Forwarding Allowed=false: The using component may use the DC or public part (to compile against it or to pack it into a deployable result). However, it is not allowed to expose the content of the used public parts in its own public parts. In this case, the using DC has no way to offer the used API with a less restrictive ACL.

If you want to prevent someone from forwarding your API (possibly with a less restrictive ACL), set Forwarding Allowed to false.

Preventing forwarding may be a good idea for anonymous grants (dcname="*" or scname="*") because in that case you normally do not know the users or whether you should "trust" them.

Example

In the following figure, objects of public part ppY of child DC Y are propagated to a public part ppA of parent DC A. This public part grants access only to a certain DC C. Component C can declare a dependency to ppA only if its parent DC B allows it. This is shown in the example. Note that DC B itself is not allowed to declare dependencies to ppA, even though, according to the general rules, ppA would actually be visible to B. Neither is DC D allowed to use ppA, even though it is on the same hierarchy level as C.

In addition, DC Z defines a public part ppZ, whose use is restricted to DC D. Nevertheless, DC D is not allowed to declare a dependency to ppZ, since its parent DC B prohibits this.

Figure 1: ACL Restrictions Between Development Components
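
The forwarding rules described under Use can be checked mechanically when reviewing a set of ACLs. The following Python sketch is an added example, not SAP code: the Grant and PublicPart classes, the grant_for and audit functions and the sample data (including DC W and ppW) are hypothetical. It assumes grants are matched on dcname only and does not model the parent/child hierarchy rule.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Grant:
    dcname: str               # using DC, or "*" for an anonymous grant
    forwarding_allowed: bool  # the Forwarding Allowed flag of this grant

@dataclass
class PublicPart:
    owner: str                # DC that defines this public part
    acl: list                 # Grant entries; only named DCs may depend on it
    forwards: str = ""        # name of a used public part re-exposed here, if any

def grant_for(pp, dc):
    """Return the grant covering `dc` (exact name wins over "*"), or None."""
    exact = [g for g in pp.acl if g.dcname == dc]
    anon = [g for g in pp.acl if g.dcname == "*"]
    return (exact or anon or [None])[0]

def audit(parts):
    """Report anonymous grants that allow forwarding, forwards made without
    permission, and forwards that publish content under a wider ACL."""
    findings = []
    for name, pp in parts.items():
        for g in pp.acl:
            if g.dcname == "*" and g.forwarding_allowed:
                findings.append(f"{name}: anonymous grant with forwarding allowed")
        if pp.forwards:
            src = parts[pp.forwards]
            g = grant_for(src, pp.owner)
            if g is None:
                findings.append(f"{name}: {pp.owner} has no grant on {pp.forwards}")
            elif not g.forwarding_allowed:
                findings.append(f"{name}: forwards {pp.forwards} but forwarding is not allowed")
            else:
                src_names = {x.dcname for x in src.acl}
                wider = sorted({x.dcname for x in pp.acl} - src_names)
                if wider and "*" not in src_names:
                    findings.append(f"{name}: widens {pp.forwards} to {wider}")
    return findings

# Constructed sample: ppY grants A with forwarding; A republishes it as ppA for C.
PARTS = {
    "ppY": PublicPart("Y", [Grant("A", True)]),
    "ppA": PublicPart("A", [Grant("C", False)], forwards="ppY"),
    "ppW": PublicPart("W", [Grant("*", True)]),
}

if __name__ == "__main__":
    print("\n".join(audit(PARTS)))
```

The "widens" finding is informational: it lists DCs that reach the forwarded content without being named in the original ACL, which is the effect a grant with forwarding allowed permits.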