A couple of people have remarked to us that they like the flexibility that SecPAL provides, but feel that it is difficult for people to get to grips with the API's when they first start evaluating SecPAL.
For this reason Lonnie Wall (a consultant from RDA Corp) has just released some sample C# source code for a SecPAL query editor and released it on our SecPAL CodePlex workspace. In addition to providing a GUI based interface to our samples*, the query editor also includes:
- A series of task specific wizards for performing tasks such as establishing trust relationships, protecting resources and writing queries.
- The ability to review security policies and tokens using our new simplified English grammar.
- The ability to load / save your authorization context into XML based on our SecPAL Schema.
- A graphical interface for reviewing query results - including direct access to the graphical proof graph viewer.
- The ability to review the samples source code from within the editor.
The code is of course just sample, and although it only touches on the surface of SecPAL's capabilities I think it should hopefully provide a good starting point for people evaluating SecPAL. More importantly, it should also demonstrate one approach in which SecPAL could be integrated into products - hiding the complexity of our API's from end users.
The query editor functions best with our v1.1 release, so if you haven't already installed v1.1 download it from here. We are definitely looking for feedback, so if you have any comments / suggestions post them on the workspace. Also, if there are other examples of UI's that you like (or dislike) post some pointers to our workspace so other people can also comment.
* If you haven't had a chance to check our samples out yet - take this opportunity to review them. The samples include common access control patterns such as: establishing trust relationships, audit logging, unconstrained delegation (impersonation), constrained delegation, role exclusion, exists quantification, revocation, role based security, role exculusion, multi-level delegation, two man scenario, user and application scenario and much much more...