https://devops-monk.com/tags/acl/Recent content in Acl on Devops MonkHugoen-usMon, 04 May 2026 00:00:00 +0000https://devops-monk.com/tutorials/spring-security/domain-object-acl/Mon, 04 May 2026 00:00:00 +0000https://devops-monk.com/tutorials/spring-security/domain-object-acl/What ACLs Solve Role-based access control answers: “Can this user perform this action?” ACLs answer: “Can this user perform this action on this specific object?” Consider a document management system: Alice owns Document #42 — she can read and edit it Bob is a reviewer on Document #42 — he can read it but not edit Carol has no permission on Document #42 — she gets a 403 This cannot be expressed with roles alone.