In base al dominio Driven Design and Development In Practice :
Spring Security (a sub-project in Spring Portfolio) provides a fine-grained access control in both presentation (URL based) and domain (Method Level) layers of the application. The framework uses Spring's Bean Proxy to intercept method invocation and apply security constraints. It offers a role-based declarative security for Java objects using MethodSecurityInterceptor class. There is also instance level security in the form of Access Control Lists (ACL's) for domain objects to control the user access at the instance level.
The main advantage of using Spring Security for managing the authorization requirements in the domain model is that the framework has a non-invasive architecture so we can have a clean separation between the domain and security aspects. Also, the business objects are not cluttered with security implementation details. We can write common security rules in one place and apply them (using AOP techniques) wherever they need to be implemented.
La mia domanda è:
Esiste un progetto come Spring Security per C # per aiutarmi a scrivere regole di sicurezza comuni in un unico posto e applicarle (utilizzando tecniche AOP) ovunque sia necessario implementare.