One of the great strengths of SecPAL is its unique support for multiple representations of a security policy... We have now also created a sample parser that allows SecPAL policies and authorization queries to be specified using a simplified English grammar and then translated into the SecPAL object model. This allows policies to be specified declaratively in a human readable form.
The parser is written using F# and uses the Lexx and Yacc tools that accompany F#. Full source code is included - so if you are looking for a good project to start learning F# - or if you want to see a complete parser implementation developed using F# and the accompanying tools then this is a great place to start. I really enjoyed working on this sample as it gave me an opportunity to learn a lot more about F# - so over the next couple of posts I will share a lot more information on how the sample works including some tips about F# that I have learned. I will also start posting additional additional access control patterns specified declaratively - hopefully making the samples much easier to follow than the more length samples written purely in C# or F#.