Section 3.1.2
Top Level
Sub Level
General
The access control mechanism(s) should be implemented in a centralized library, component, or mechanism. It should be easy to understand how the implementation works and easy to examine it for flaws.
ColdFusion
Use the application.cfm or application.cfc file to determine access control for a user and to set session variables. Users cannot control the session scope, and application.cfm ensures that the access control is applied "globally".
Django
The Django contrib.auth application provides a simple permission system.
Natural Webagent
Use Apollo to manage role-based authorizations.
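
The General guidance above, as an added example that is not part of the original page: a framework-independent Python illustration in which one authorize() function and one POLICY table decide every request, and unmapped_actions() lets a reviewer list handlers that have no policy entry. All names (POLICY, ROUTES, authorize, route, the handlers and actions) are hypothetical.

```python
from functools import wraps

# Single source of truth: action -> roles allowed (all names are hypothetical).
POLICY = {
    "report.view": {"analyst", "admin"},
    "user.delete": {"admin"},
}
ROUTES = {}  # action -> guarded handler, filled in by @route

class AccessDenied(Exception):
    """Raised when the central check refuses an action."""

def authorize(session, action):
    """The only place an access decision is made; denies by default."""
    allowed = POLICY.get(action, set())    # unknown action: nobody is allowed
    roles = set(session.get("roles", ()))  # roles live in the server-side session
    return bool(roles & allowed)

def route(action):
    """Register a handler so that every call passes through authorize()."""
    def decorator(handler):
        @wraps(handler)
        def guarded(session, *args, **kwargs):
            if not authorize(session, action):
                raise AccessDenied(action)
            return handler(session, *args, **kwargs)
        ROUTES[action] = guarded
        return guarded
    return decorator

def unmapped_actions():
    """Review aid: registered actions with no policy entry (always denied)."""
    return sorted(set(ROUTES) - set(POLICY))

@route("report.view")
def view_report(session, report_id):
    return f"report {report_id}"

@route("user.delete")
def delete_user(session, user_id):
    return f"deleted {user_id}"

@route("audit.export")  # constructed case: handler added without a policy entry
def export_audit(session):
    return "audit log"
```

Because handlers never check roles themselves, reviewing access control means reading POLICY and authorize() only, and a handler that was never mapped fails closed instead of being reachable by everyone.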