Method and system for authorizing user interfaces

摘要

A method to generate a role-based user interface to be presented to a user includes processing a security-relevant portion of user interface code associated with an application, determining a permission by processing application role information pertaining to the user and security policy information, wherein the security policy information is distinct from the user interface code, and associated with the security-relevant portion of the user interface code and with permissions relating to the application, and generating the role-based user interface associated with the application to selectively include a user interface element based upon the determined permission.

主权项

1. A method comprising:
authenticating a user; in response to authenticating the user, accessing a user interface (UI) code, the UI code to generate a UI page, the UI page including instructions to generate a graphical user interface (GUI) for the user, the UI code including a security relevant portion of the UI code to generate a security relevant UI page element, the security relevant UI page element including instructions to generate a security relevant GUI element related to an application; and in response to accessing the UI code, executing the UI code to generate the UI page, the executing the UI code including executing a first portion of the UI code to include a UI page element in the UI page, wherein the executing the first portion of the UI code is independent of whether or not the user has an authorization to access the application, the executing the UI code further including determining whether the user has the authorization to access the application, the determining based on a security policy and user role information, the executing the UI code further including performing one of
with a processor of a computing device, executing the security relevant portion of the UI code to include the security relevant UI page element in the UI page, the executing the security relevant portion of the UI code in response to determining that the user has the authorization to access the application, andpreventing executing the security relevant portion of the UI code to prevent an including of the security relevant UI page element in the UI page, the preventing executing the security relevant portion of the UI code in response to determining that the user does not have the authorization to access the application.