As we discussed offline I think it would be better to provide a default implementation for $subject while providing the extension point.
Thanks On Wed, May 3, 2017 at 10:47 AM, SajithAR Ariyarathna <sajit...@wso2.com> wrote: > Hi All, > > We are in the process of introducing an extensible authorizer for Carbon > UUF. > > At the moment authorization is done via the org.wso2.carbon.uuf.spi.au > th.User interface [1]. When creating an user session, implementation of > the User interface (e.g. CaasUser [2]) should be passed. The main > drawback of this approach is, the logic in the hasPermission() method has > to be serializable. Usually this is difficult to achieve because in order > to evaluate permissions one might need to access some user management > services (e.g. Realm Service) which cannot be serialized. Hence moving the > hasPermission() method out of the User class and allowing to plug-in a > custom authorizer would be a better approach. > > WDYT? > > [1] https://github.com/wso2/carbon-uuf/blob/v1.0.0-m14/compo > nents/uuf-core/src/main/java/org/wso2/carbon/uuf/spi/auth/User.java#L28 > [2] https://github.com/wso2/carbon-uuf/blob/v1.0.0-m14/sampl > es/osgi-bundles/org.wso2.carbon.uuf.sample.simple-auth.bundl > e/src/main/java/org/wso2/carbon/uuf/sample/simpleauth/bundle/CaasUser.java > > Thanks. > -- > Sajith Janaprasad Ariyarathna > Senior Software Engineer; WSO2, Inc.; http://wso2.com/ > <https://wso2.com/signature> > -- *Imesh Gunaratne* WSO2 Inc: http://wso2.com T: +94 11 214 5345 M: +94 77 374 2057 <+94%2077%20374%202057> W: https://medium.com/@imesh TW: @imesh lean. enterprise. middleware
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture