0 Replies Latest reply on Oct 21, 2008 1:52 PM by sguilhen

    JBoss ACL schema

    sguilhen

      We've been talking about an ACL configuration file that would specify the ACL policies for resources. These ACLs would be installed upon deployment and would be available through the ACLProvider that has been configured for the security domain.

      An example of the configuration file (jboss-acl-policy.xml?):

      <jboss-acl xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                 xsi:schemaLocation="urn:jboss:jboss-acl-config:1.0"
                 xmlns="urn:jboss:jboss-acl-config:1.0"
                 xmlns:jbxb="urn:jboss:jboss-acl-config:1.0">

         <acl-definition resource="com.mycompany.Resource:XYZ">
            <entry>
               <identity-name>Administrator</identity-name>
               <permissions>CREATE,READ,UPDATE,DELETE</permissions>
            </entry>
            <entry>
               <identity-name>Guest</identity-name>
               <permissions>READ</permissions>
            </entry>
         </acl-definition>

         <!-- An extends attribute allows an ACL to inherit all the entries from its parent ACL -->
         <acl-definition resource="com.mycompany.Resource:ABC" extends="com.mycompany.Resource:XYZ">
            <entry>
               <identity-name>Regular_User</identity-name>
               <permissions>READ,UPDATE</permissions>
            </entry>
            <!-- This overrides the definition from the parent ACL -->
            <entry>
               <identity-name>Guest</identity-name>
               <permissions>READ,UPDATE</permissions>
            </entry>
         </acl-definition>

      </jboss-acl>
      


      When deployed, the above configuration file would result in the creation of 2 ACLs: one for resource XYZ with 2 entries (Administrator and Guest) and one for resource ABC with 3 entries (Administrator, Guest and Regular_User). Code that wants to apply ACL checks would call the AuthorizationManager in order to verify whether an identity has the expected permissions.

      I'm opening this thread to gather opinions on this configuration file. Does it look ok? Do you think it is missing something? Would you specify the ACLs using a different schema?
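
      The inheritance and override behaviour described in the post, as an added example (not part of the original post and not JBoss code). The names load_acls and is_permitted are hypothetical. It assumes a child entry replaces the parent's entry for the same identity, that access is denied by default, and that a cyclic or dangling extends should be rejected at load time.

```python
import xml.etree.ElementTree as ET

NS = {"acl": "urn:jboss:jboss-acl-config:1.0"}
# Constructed sample: the two definitions from the post, minus the xsi/jbxb attributes.
SAMPLE = """<jboss-acl xmlns="urn:jboss:jboss-acl-config:1.0">
  <acl-definition resource="com.mycompany.Resource:XYZ">
    <entry><identity-name>Administrator</identity-name><permissions>CREATE,READ,UPDATE,DELETE</permissions></entry>
    <entry><identity-name>Guest</identity-name><permissions>READ</permissions></entry>
  </acl-definition>
  <acl-definition resource="com.mycompany.Resource:ABC" extends="com.mycompany.Resource:XYZ">
    <entry><identity-name>Regular_User</identity-name><permissions>READ,UPDATE</permissions></entry>
    <entry><identity-name>Guest</identity-name><permissions>READ,UPDATE</permissions></entry>
  </acl-definition>
</jboss-acl>"""


def load_acls(xml_text):
    """Return {resource: {identity: frozenset(permissions)}} with 'extends' resolved."""
    raw = {}
    for d in ET.fromstring(xml_text).findall("acl:acl-definition", NS):
        entries = {}
        for e in d.findall("acl:entry", NS):
            name = e.findtext("acl:identity-name", namespaces=NS).strip()
            perms = e.findtext("acl:permissions", namespaces=NS)
            entries[name] = frozenset(p.strip() for p in perms.split(",") if p.strip())
        raw[d.get("resource")] = (d.get("extends"), entries)

    resolved = {}
    def resolve(resource, chain=()):
        if resource in resolved:
            return resolved[resource]
        if resource in chain:  # assumption: a cycle is a configuration error
            raise ValueError("cyclic extends: " + " -> ".join(chain + (resource,)))
        if resource not in raw:  # assumption: so is a parent that is not defined
            raise ValueError("unknown parent ACL: " + resource)
        parent, own = raw[resource]
        merged = dict(resolve(parent, chain + (resource,))) if parent else {}
        merged.update(own)  # assumption: child entry replaces the parent's entry
        resolved[resource] = merged
        return merged

    for resource in raw:
        resolve(resource)
    return resolved


def is_permitted(acls, resource, identity, permission):
    """Default deny: no ACL, no entry, or an unlisted permission all return False."""
    return permission in acls.get(resource, {}).get(identity, frozenset())
```

      With the sample from the post, ABC resolves to three entries and Guest gains UPDATE on ABC only; a reviewer can use the resolved map to see the effective permissions a child ACL ends up granting.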