<p dir="ltr">On 26 Feb 2014 12:05, "Jonathan Matthews" <<a href="mailto:contact@jpluscplusm.com">contact@jpluscplusm.com</a>> wrote:<br>
><br>
> Hi all -<br>
><br>
> I spent some time poking at a interesting problem that came up last<br>
> night, and ended up with this primitive RBAC system, implemented in<br>
> declarative nginx config.</p>
<p dir="ltr">Thanks to the couple of people who reminded me this may not be a frequently-used term on this list :-)</p>
<p dir="ltr">Role Based Access Control systems are a technique for limiting access to resources based on people belonging to groups (roles) and not being granted access individually: <a href="https://en.wikipedia.org/wiki/Role-based_access_control">https://en.wikipedia.org/wiki/Role-based_access_control</a></p>
<p dir="ltr">In this case, the resources are URIs, potentially proxy_pass'd, and the users are HTTP basic auth users. My implementation is nothing special, but I'd not seen a reasonably scalable one implemented purely in declarative nginx configuration syntax before :-)</p>
<p dir="ltr">Anyway, tell me why it sucks ... <a href="https://gist.github.com/jpluscplusm/9227777">https://gist.github.com/jpluscplusm/9227777</a></p>
<p dir="ltr">J</p>