One of the great strengths of SecPAL is its unique support for multiple representations of a security policy; XML for interoperability; and a simplified English grammar for human readbility. The SecPAL v1.1 Research Release (available from http://research.microsoft.com/projects/secpal) allows SecPAL assertions to be created using the rich and flexible.NET object model or deserialized from (or serialized into XML) XML according to the SecPAL Schema Specification (also available at the aforementioned URL).

We have now also created a sample parser that allows SecPAL policies and authorization queries to be specified using a simplified English grammar and then translated into the SecPAL object model. This allows policies to be specified declaratively in a human readable form. The parser is written using F# and uses the Lexx and Yacc tools that accompany F#. Full source code is included - so if you are looking for a good project to start learning F# - or if you want to see a complete parser implementation developed using F# and the accompanying tools then this is a great place to start.

 

I really enjoyed working on this sample as it gave me an opportunity to learn a lot more about F# - so over the next couple of posts I will share a lot more information on how the sample works including some tips about F# that I have learned. I will also start posting additional additional access control patterns specified declaratively - hopefully making the samples much easier to follow than the more length samples written purely in C# or F#.

The parser sample is available from here: http://www.codeplex.com/secpal/Release/ProjectReleases.aspx?ReleaseId=6667