Hi Imesh, I think during the offline meeting, we have already discussed about the default implementation.
@ViduraN, Can you please elaborate it in here? Regards, Chandana On Wed, May 17, 2017 at 10:08 AM, Imesh Gunaratne <[email protected]> wrote: > As we discussed offline I think it would be better to provide a default > implementation for $subject while providing the extension point. > > Thanks > > On Wed, May 3, 2017 at 10:47 AM, SajithAR Ariyarathna <[email protected]> > wrote: > >> Hi All, >> >> We are in the process of introducing an extensible authorizer for Carbon >> UUF. >> >> At the moment authorization is done via the org.wso2.carbon.uuf.spi.au >> th.User interface [1]. When creating an user session, implementation of >> the User interface (e.g. CaasUser [2]) should be passed. The main >> drawback of this approach is, the logic in the hasPermission() method >> has to be serializable. Usually this is difficult to achieve because in >> order to evaluate permissions one might need to access some user management >> services (e.g. Realm Service) which cannot be serialized. Hence moving the >> hasPermission() method out of the User class and allowing to plug-in a >> custom authorizer would be a better approach. >> >> WDYT? >> >> [1] https://github.com/wso2/carbon-uuf/blob/v1.0.0-m14/compo >> nents/uuf-core/src/main/java/org/wso2/carbon/uuf/spi/auth/User.java#L28 >> [2] https://github.com/wso2/carbon-uuf/blob/v1.0.0-m14/sampl >> es/osgi-bundles/org.wso2.carbon.uuf.sample.simple-auth.bundl >> e/src/main/java/org/wso2/carbon/uuf/sample/simpleauth/bundle >> /CaasUser.java >> >> Thanks. >> -- >> Sajith Janaprasad Ariyarathna >> Senior Software Engineer; WSO2, Inc.; http://wso2.com/ >> <https://wso2.com/signature> >> > > > > -- > *Imesh Gunaratne* > WSO2 Inc: http://wso2.com > T: +94 11 214 5345 M: +94 77 374 2057 <+94%2077%20374%202057> > W: https://medium.com/@imesh TW: @imesh > lean. enterprise. middleware > > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- *Chandana Napagoda* Associate Technical Lead WSO2 Inc. - http://wso2.org *Email : [email protected] <[email protected]>**Mobile : +94718169299* *Blog : http://cnapagoda.blogspot.com <http://cnapagoda.blogspot.com> | http://chandana.napagoda.com <http://chandana.napagoda.com>* *Linkedin : http://www.linkedin.com/in/chandananapagoda <http://www.linkedin.com/in/chandananapagoda>*
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
