[cap-talk] Capabilities - the rub, an account
john.carlson3 at sbcglobal.net
Thu Nov 16 00:31:29 CST 2006
> If you argue that it should then it seems that all capabilities must
> be labeled at least with a person (like an identifier) so they can be
> revoked when the account is removed. This would be a very strong
> sort of membrane like facility for all users. I've never seen such
> implemented. Others?
I haven't seen anything implemented, but when I brought up the
issue of having a bunch of capabilities on a web page, and how
would you manage that, it was suggested that you could provide
the links on the web page, but the actual capabilities would not
appear on the document, but would be an addendum. Thus,
you could use a 2-factor capability...one factor being the account
capability, and the other being the capability that you want to
We might consider the account a cross-cutting concern, and model
it with aspect-oriented software. Thus it wouldn't appear in
the main code anywhere, but would appear in the aspect, and
when the program is running, through a weaving process.
A typical aspect in SQL programming is insuring you have
a valid connection to the database.
More information about the cap-talk