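What problem does ACL solve? Ben Alex redesigned this part in Acegi 1.0.3, which indirectly shows how important it is to access control. The following passage clearly explains what ACL is for: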
Complex applications often will find the need to define access permissions not simply at a web request or
method invocation level. Instead, security decisions need to comprise both who (Authentication), where
(MethodInvocation) and what (SomeDomainObject). In other words, authorization decisions also need to
consider the actual domain object instance subject of a method invocation.
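
An added illustration of the point in the quoted passage, in plain Java (not Acegi's ACL API and not code from the original page): a role check answers only who and where, while a per-instance ACL lookup adds what. The class names, the `ROLE_USER` string and the in-memory ACL map are assumptions made up for this example.

```java
import java.util.*;

// Added illustration; none of these types are Acegi classes.
public class DomainObjectAclDemo {
    enum Permission { READ, WRITE }

    // "what": a domain object instance, identified by its id
    static final class Report {
        final long id;
        Report(long id) { this.id = id; }
    }

    // "who": an authenticated principal with coarse-grained roles
    static final class Principal {
        final String name;
        final Set<String> roles;
        Principal(String name, String... roles) {
            this.name = name;
            this.roles = new HashSet<>(Arrays.asList(roles));
        }
    }

    // Per-instance ACL entries: report id -> principal name -> permissions
    static final Map<Long, Map<String, EnumSet<Permission>>> ACL = new HashMap<>();

    static void grant(Report r, Principal p, Permission perm) {
        ACL.computeIfAbsent(r.id, k -> new HashMap<>())
           .computeIfAbsent(p.name, k -> EnumSet.noneOf(Permission.class))
           .add(perm);
    }

    // Method-level check: looks at the caller's role, never at the instance
    static boolean roleOnly(Principal p) { return p.roles.contains("ROLE_USER"); }

    // Role gate plus ACL lookup for this instance; a missing entry means deny
    static boolean canWrite(Principal p, Report r) {
        if (!roleOnly(p)) return false;
        Map<String, EnumSet<Permission>> entries = ACL.get(r.id);
        EnumSet<Permission> perms = (entries == null) ? null : entries.get(p.name);
        return perms != null && perms.contains(Permission.WRITE);
    }

    public static void main(String[] args) {
        Principal alice = new Principal("alice", "ROLE_USER");
        Principal bob = new Principal("bob", "ROLE_USER");
        Report r1 = new Report(1L);           // constructed sample data
        grant(r1, alice, Permission.WRITE);
        grant(r1, bob, Permission.READ);
        System.out.println("role check, bob:    " + roleOnly(bob));
        System.out.println("ACL write, alice r1: " + canWrite(alice, r1));
        System.out.println("ACL write, bob r1:   " + canWrite(bob, r1));
        System.out.println("ACL write, alice r2: " + canWrite(alice, new Report(2L)));
    }
}
```

The role check gives the same answer for every report because it never sees the instance; only `canWrite` can distinguish report 1 from report 2 or alice from bob on the same report.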