I’m trying to get my head around the current state of the various
login/authentication engines, and can’t get a clear view of what the
available options are, how stable/robust they are, and what are the
pros/cons/capabilities of each.
The specific problem I’m trying to solve is this: I’ve got a bunch of
users, who will need to be authenticated and assigned roles (e.g.
Administrator, User, …) and only for specific parts of the system
(e.g. AccountsPayable, AccountsReceivable, GeneralLedger). No, I’m
not making an accounting system, but this is the simplest analogy I
could think of to describe the login/authentication I need.
A user may be an Administrator for AccountsPayable, but have no rights
whatsoever for GeneralLedger. In other words, I need to be able to
restrict their access not only on a role basis, but also on a “which
part of the system” basis. I don’t want to mix the two and create
roles such as GeneralLedgerAdministrator, because that doesn’'t give
me the scalability and flexibility I know I’m going to need later on.
Is there a login/authentication engine that I can just drop in to do
this (unlikely), or is there one that could be tweaked to provide this
functionality relatively easily?
Thanks in advance for any assistance