| sidebar_position | 4 |
|---|---|
| title | Access Control (WAC) |
| description | Web Access Control with .acl files |
JSS uses Web Access Control (WAC) for authorization via .acl files.
Each resource or container can have an .acl file that defines who can access it and how.
@prefix acl: <http://www.w3.org/ns/auth/acl#>.
@prefix foaf: <http://xmlns.com/foaf/0.1/>.
# Owner has full access
<#owner>
a acl:Authorization;
acl:agent <http://localhost:3000/alice/#me>;
acl:accessTo <./>;
acl:default <./>;
acl:mode acl:Read, acl:Write, acl:Control.
# Public can read
<#public>
a acl:Authorization;
acl:agentClass foaf:Agent;
acl:accessTo <./>;
acl:default <./>;
acl:mode acl:Read.| Mode | Permission |
|---|---|
acl:Read |
Read resources |
acl:Write |
Create, update, delete |
acl:Append |
Add to container only |
acl:Control |
Modify ACL files |
acl:agent- Specific WebIDacl:agentClass foaf:Agent- Anyone (public)acl:agentClass acl:AuthenticatedAgent- Any authenticated user