SAN FRANCISCO - eTradeWire -- Our KFC project employs a microservice architecture, with components written in various languages and runtime environments, such as .NET, Ruby, and Go. Many of these components need to be able to make decisions based upon the authorization status of a user: who are they, what roles do they belong to, what actions are they able to perform, and to what?

We needed a consistent way to use role-based access control between multiple independent languages, and we also needed a way to manage the permissions and access control lists (ACLs). We discovered Casbin, an authorization library that was implemented in a variety of different languages. But there was one snag: we needed a Ruby implementation, and Casbin had not yet been ported to Ruby. So, we decided to do it ourselves, and the result is Casbin-Ruby. Read more about the Casbin-Ruby open-source project.

More on eTradeWire News

• Metro Commercial brokers deal for BJ's Wholesale Club in West Palm Beach, FL
• IBCT Launches International Crisis Communications Training Program
• Love & Insurance: Managing Marriage and Divorce
• L-Strategies political and business consulting firm launched by partners Angie Wong and Jared Craig with Donna and Stan Fitzgerald
• YMCA of the Rockies Hosts 8th Annual Mountaineering Weekend Celebrating Accessibility of Safe Spaces in the Outdoors for All

How does it work?

At its simplest, each microservice has access to two files, which are distributed across the system. The first contains a list of the users, groups, roles, and so on — in other words, it defines the authorization principles. The second contains the mappings between the principals: in effect, it is an amalgamation of all of the access control lists used by the system.

This provides the solution for the very core of our challenge: decentralization (or distributed) management of users, roles, and what they can do.

https://evrone.com/kfc
https://evrone.com/casbin-ruby