Beyond Scripting... Professional Programming for the Web.

Unified security model for easy configuration

Lasso employs a security layer between the parser and the access to services, resources, and tags. Source code can be contained to specific databases, tables, even fields, to specific file directories, and even to specific language commands. Source code can be written to run under a specific Group which is defined with explicit privileges within the Lasso server environment. This enables a well-controlled Restriction of Concerns model for individual developers and/or for individual application components.

Unified Security
Lasso features a comprehensive security system that allows access to data sources, files and tags to be controlled from a single, unified interface. Providing a complete security layer within Lasso makes it easy to configure all of the settings for a site from a single point-of-access.

Data Source Security
Lasso can secure data sources at the host, database or table level. A flexible system of users and groups allows permissions to be assigned in the best way possible for your solutions.

File and Tag Security
Access to the local file system and access to LassoScript tags can also be controlled within Lasso's unified security system. Also controls access to file uploads and allows users to restrict them by file type and size.

Digest Authentication
Lasso supports both digest authentication for Web browser communications. This standard encrypts all passwords before they are sent from a Web browser to Lasso and allows advanced authentication rules, like timeouts. Also supports basic authentication for full backward compatibility.