Designing a Protected Server
The designer of a server application that assigns security to private object
types must make many decisions about the design of the security interface, such
as those in the following list:
- Define object.
- Determine the types of objects and the access types required, including
whether to support SYNCHRONIZE.
- Determine whether an object is a container or noncontainer, as well as the
appropriate inheritance flags.
- Define appropriate access types and generic mappings.
- Determine impersonation characteristics.
- Develop security descriptor for the initial object and for new objects
assembled from the parent's security descriptor and the client's access token.
- Consider string- versus handle-based object-manipulation functions.
- Resolve potential conflicts in access rights. For example, decide what is to be done if an administrator and a user both
have delete access to an object.
For example, the designer of a protected print server might choose to define a
server object, a printer object, and a document object. The three access
rights in the following table are likely to be required:
Access right
| Description
|
Administrate
| Allows the holder to add objects to and delete them from another object. This
right applies to the server, the printers, and the documents.
|
Enumerate
| Allows the holder to list a container object's contents. This right applies to
the server and to the printers.
|
Use
| Allow the holder to add items to a print queue. This right applies to the
printers.
|
- Software for developers
-
Delphi Components
.Net Components
Software for Android Developers
- More information resources
-
MegaDetailed.Net
Unix Manual Pages
Delphi Examples
- Databases for Amazon shops developers
-
Amazon Categories Database
Browse Nodes Database