Declarative Access Control for WebDSL: Combining Language Integration and Separation of Concerns

Danny M. Groenewegen, Eelco Visser. Declarative Access Control for WebDSL: Combining Language Integration and Separation of Concerns. In Daniel Schwabe, Francisco Curbera, Paul Dantzig, editors, Proceedings of the Eighth International Conference on Web Engineering, ICWE 2008, 14-18 July 2008, Yorktown Heights, New York, USA. pages 175-188, IEEE, 2008. [doi]

Abstract

In this paper, we present the extension of WebDSL, a domain-specific
language for web application development, with abstractions for
declarative definition of access control. The extension supports the
definition of a wide range of access control policies concisely and
transparently as a separate concern. In addition to regulating the
access to pages and actions, access control rules are used to infer
navigation options not accessible to the current user, preventing the
presentation of inaccessible links. The extension is an illustration
of a general approach to the design of domain-specific languages for
different technical domains to support separation of concerns in
application development, while preserving linguistic integration. This
approach is realized by means of a transformational semantics that
weaves separately defined aspects into an integrated implementation.