[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Handling NotApplicable
How do you handle NotApplicable? My PEP has a method in Java implementation void checkPermissions(...). It raises an exception if user is not authorized to execute an action, which means anything but "Permit". "Deny" is also easy. In addition to throwing exception, I also log this event as a warning. In a well designed webapp, this shouldn't happen often. What to do with NotApplicable decision? I decided that it's bad thing to have this, because in my case it indicates that policy wasn't found or something more serious. So, I log this as an error or alert. Unlike, "Deny" this should be dealt with. Thanks, Argyn
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]