Pow2ACL is a java package that implements an access control list security system (ACL). An ACL stores informations about application users, their roles and the roles permissions. Having those informations, a multi-user application can test:

  • the permissions of the application users;

    example: has a given user got the permission to execute a certain action ?

  • the roles of the application users;

    example: has a given user the business manager role mandatory to view the customers data stored into the application database ?

  • the permissions of a certain role;

    example: can users with administrator role delete the incoming customer orders ?

Pow2ACL provides:

  • a simple API for Java developers
  • a JSP ACL tag library useful to test ACL assertions directly into JSP pages
  • the integration with Struts applications by ACL action classes
  • a web interface to manage the ACL data base
  • a suite of regression tests that uses the Jakarta Cactus framework to execute the tests into a live servlet container
See the features list page for further details.