Hi Kicha,

On Fri, May 6, 2016 at 3:58 PM, Kishanthan Thangarajah <[email protected]>
wrote:

> CarbonContext is the API to store and retrieve data which are thread local.
>
>    - There are two API classes, CarbonContext [1]
>    and PrivilegedCarbonContext [2].
>    - CarbonContext (CC) is the ReadOnly API, which is basically the user
>    level API and PrivilegedCarbonContext will be the ReadWrite API which is
>    secured using Java security permission.
>    - From CarbonContext, a user can get the "Principal", which is the
>    currently logged-in user's JAAS principal for authorization.
>

If so, can someone deploy a bundle that can access the currently logged
user's Principal information and use it to authorize an action with that?
If it's possible, it is a security problem.

>    - CarbonContext API also has the ability to set and get properties,
>    which is to support setting any properties that can be later used within a
>    thread execution flow.


> *Retrieving Tenant Information*
> In C5 based products, a server instance will be dedicated to a tenant.
> From the CarbonContext API, a user can get the tenant name to which the
> server is bound to. There will not be any setter API for setting tenant
> name as we will read the tenant name from either carbon.yml configuration
> file [3] or from a system/environment variable.
>
What is the order we are enforcing here? IMHO it should be first the
environment variable and then the carbon.yaml.

>
> *Usage*
> CarbonContext carbonContext = CarbonContext.getCurrentContext();
> String tenant = carbonContext.getTenant();
> Principal principal = carbonContext.getUserPrincipal();
> Object propertyValue = carbonContext.getProperty("PROPERTY_KEY");
>
> PrivilegedCarbonContext privilegedCarbonContext =
> PrivilegedCarbonContext.getCurrentContext();
> privilegedCarbonContext.setUserPrincipal(userPrincipal);
> privilegedCarbonContext.setProperty("PROPERTY_KEY", propertyValue);
>
> Thanks,
> Kishanthan.
> [1]
> https://github.com/wso2/carbon-kernel/blob/master/core/src/main/java/org/wso2/carbon/kernel/context/CarbonContext.java
> [2]
> https://github.com/wso2/carbon-kernel/blob/master/core/src/main/java/org/wso2/carbon/kernel/context/PrivilegedCarbonContext.java
> [3]
> https://github.com/wso2/carbon-kernel/blob/master/features/org.wso2.carbon.kernel.feature/resources/conf/carbon.yml#L20
>
> --
> *Kishanthan Thangarajah*
> Associate Technical Lead,
> Platform Technologies Team,
> WSO2, Inc.
> lean.enterprise.middleware
>
> Mobile - +94773426635
> Blog - http://kishanthan.wordpress.com
> Twitter - http://twitter.com/kishanthan
>
> _______________________________________________
> Architecture mailing list
> [email protected]
> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>
>


-- 
Thanks and Regards,

Isuru H.
+94 716 358 048 <http://wso2.com/>
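
The split discussed in this thread, sketched as an added example that is not from the original emails or the carbon-kernel source: a thread-local context with an unchecked read-only view and a setter view guarded by a Java security permission. The class names, the permission name "setContext" and the sample principal are assumptions made for illustration.

```java
import java.security.BasicPermission;
import java.security.Principal;
import java.util.HashMap;
import java.util.Map;

// Hypothetical sketch, not the carbon-kernel source: all names below are assumptions.
public class ContextSketch {

    // Named permission that a policy would grant only to trusted bundles.
    static final class ContextPermission extends BasicPermission {
        ContextPermission(String name) { super(name); }
    }

    // Per-thread state shared by the read-only and read-write views.
    static final class Holder {
        Principal principal;
        final Map<String, Object> properties = new HashMap<>();
    }
    static final ThreadLocal<Holder> CURRENT = ThreadLocal.withInitial(Holder::new);

    // Read-only view: no permission check, so any code on the thread can read.
    static class ReadOnlyContext {
        static ReadOnlyContext getCurrentContext() { return new ReadOnlyContext(); }
        Principal getUserPrincipal() { return CURRENT.get().principal; }
        Object getProperty(String key) { return CURRENT.get().properties.get(key); }
    }

    // Read-write view: every setter checks the permission first.
    static final class PrivilegedContext extends ReadOnlyContext {
        static PrivilegedContext getCurrentContext() { return new PrivilegedContext(); }
        private static void check() {
            SecurityManager sm = System.getSecurityManager();
            // Without an installed security manager the check is skipped entirely.
            if (sm != null) sm.checkPermission(new ContextPermission("setContext"));
        }
        void setUserPrincipal(Principal p) { check(); CURRENT.get().principal = p; }
        void setProperty(String key, Object v) { check(); CURRENT.get().properties.put(key, v); }
    }

    public static void main(String[] args) {
        Principal alice = () -> "alice"; // constructed sample principal
        PrivilegedContext.getCurrentContext().setUserPrincipal(alice);
        // Unprivileged read, as a deployed bundle running on this thread would do.
        Principal seen = ReadOnlyContext.getCurrentContext().getUserPrincipal();
        System.out.println("visible to read-only callers: " + seen.getName());
    }
}
```

In this sketch only the setters are permission-checked, so the question raised in the reply above comes down to what downstream code does with the Principal it is able to read.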