Chapter 7. SiteMap and access control
This chapter covers
- Access control functionality
- Menu generation
- Building custom location parameters
- HTTP authorization
SiteMap offers you granular page-level security, a tidy DSL for defining application structure, and an automatic way to generate user navigation. Bearing in mind Lift’s view-first architecture and the way in which snippets are executed in a given page request, there’s nothing to effectively control access or execute code before the page (and its snippets) start to load. This is where SiteMap fits in, architecturally speaking.
Everything within the SiteMap is related to what is known as a location, or Loc for short. These locations typically represent pages that have a corresponding markup template in your application, but more broadly these locations are resources within your application, something that will be accessed by your application’s users. As SiteMap is executed before any page rendering takes place, it can effectively execute access control rules, or even short circuit the whole rendering of that resource and return a response directly.