1 views collected around this technical thread.
This guide walks you through Squid's features, how it works, hardware requirements, step‑by‑step installation, default and custom configuration, initialization, testing, and detailed ACL examples to control access and improve network performance on Linux systems.
This article outlines the background, architectural design, implementation details, and future roadmap of an internet‑boundary cloud firewall built on DPDK, covering physical and software structures, traffic steering, rule matching logic, and planned enhancements such as logging and traffic analysis.
This article explains the five mainstream access control models—ACL, DAC, MAC, ABAC, and RBAC—detailing their principles, examples, advantages, drawbacks, and practical extensions such as role hierarchies, constraints, and real‑world system design considerations for user, role, and permission management.
The article presents a comprehensive design for securing third‑party API calls by generating unique Access Key/Secret Key pairs, defining permission scopes, implementing signature generation and verification, employing timestamps and nonces to prevent replay attacks, and outlining practical API endpoint specifications and response standards.
This article explains why permission management is essential, describes various permission models from basic data‑view and edit rights to hierarchical menu and button controls, introduces role‑based access control (RBAC) and its extensions such as role inheritance, constraints, user groups, organizations and positions, and finally presents ideal RBAC table designs for large‑scale systems.
This article explains how to build a scalable, maintainable permission control framework in Java by defining custom annotations, designing relational database tables, and using Spring AOP to intercept method calls for organization‑level, personal, limit, and special‑role checks, while providing implementation details and best‑practice recommendations.
This article explains the fundamentals, architecture, workflow, and practical scenarios of Single Sign-On (SSO), illustrating how a centralized authentication server enables users to log in once and seamlessly access multiple trusted applications, while also offering resources for deeper study.
This article explains why many admin frameworks ignore 403 pages, compares common handling strategies, and presents a practical solution that replaces the component of unauthorized routes with a dedicated 403 component while preserving the original URL, complete with code examples and visual demos.
This article compiles practical insights from Zhihu discussions and real‑world experience on preventing insider spying and tampering with databases, covering least‑privilege policies, mutual supervision, strict access controls, audit mechanisms, and cultural factors that shape effective information security operations.
This article explains three practical approaches—microservice isolation, Redis‑based whitelist, and gateway‑AOP header checks—to restrict APIs to internal calls only, and provides detailed Spring Cloud code examples for the preferred AOP solution.
This article explains the fundamentals of JSON Web Tokens (JWT), compares token‑based authentication with traditional session authentication, outlines common security threats such as theft, replay, and forgery, and presents practical measures—including HTTPS, encryption, secure storage, short lifetimes, two‑factor authentication, and safe token refresh—to protect token integrity in modern web applications.
This article explains how Laravel's policy-based authorization works, covering policy creation, registration, usage in controllers and Blade, custom methods, response handling, guest user support, and testing, with full code examples for implementing secure and maintainable access control.
This article explains the concepts of role‑based access control (RBAC), compares RBAC models, shows how to configure permissions and user groups, and provides step‑by‑step code examples for integrating Spring Security with JWT, JSON login, password encryption and database authentication in Java backend applications.
This article explains why permission management is essential for data security, describes various permission models including standard RBAC, role inheritance, constraints, user groups, organizations, and positions, and provides detailed database table designs for implementing an ideal RBAC system in complex enterprises.
This article explains the concepts and models of Role‑Based Access Control (RBAC), demonstrates how to configure Spring Security for in‑memory and JWT‑based authentication, and provides complete Java code examples for permissions, user groups, password encryption, and custom login filters.
This article explains the fundamentals of access control by reviewing five major permission models—ACL, DAC, MAC, ABAC, and RBAC—then dives into RBAC extensions and practical guidelines for designing user, role, and permission management in real‑world systems, covering menu, operation, and data-level controls.
This article explains the fundamentals of Role‑Based Access Control (RBAC), its model classifications, permission concepts, and user‑group usage, then demonstrates how to implement RBAC in a Spring Security application, including in‑memory authentication, JWT integration, JSON login, and password encryption techniques.
This article introduces Tencent's Big Data Processing Suite (TBDS), discusses challenges of data silos, and presents Gravitino's open‑source unified metadata service and permission model, detailing how it integrates Hadoop, MPP, and various catalog plugins to provide consistent access control across heterogeneous data platforms.
This article explains the fundamentals of role‑based access control (RBAC), its model variants, and user‑group usage, then demonstrates how to configure Spring Security with in‑memory authentication, integrate JWT for stateless token‑based authentication, customize JSON login, and securely encrypt passwords using BCrypt.
This article explains how the hierarchical security model in Microsoft Dataverse extends existing security mechanisms by introducing manager and position hierarchies, details their configuration, access rules, performance tips, and how to include or exclude records of disabled users.