ACL要解決什么問題?Ben Alex在Acegi1.0.3中重新設計了這一部分,從側面說明了其在權限控制中的重要性。下面這段話清楚地解釋了ACL的用途:
Complex applications often will find the need to define access permissions not simply at a web request or
method invocation level. Instead, security decisions need to comprise both who (Authentication), where
(MethodInvocation) and what (SomeDomainObject). In other words, authorization decisions also need to
consider the actual domain object instance subject of a method invocation.