Hi Sajith,

I am +1 to allow custom authorizers. But not bit convinced with the reason
provided.

Java allows non-serializable properties on the objects with "transient"
keyword. At the time of deserialize these properties will be in default
values (i.e. objects will be null). Then you can override "readResolve()"
method to fetch & assign the current state of the system for those
properties.

Best Regards,
Rasika

On Wed, May 3, 2017 at 10:47 AM, SajithAR Ariyarathna <sajit...@wso2.com>
wrote:

> Hi All,
>
> We are in the process of introducing an extensible authorizer for Carbon
> UUF.
>
> At the moment authorization is done via the org.wso2.carbon.uuf.spi.au
> th.User interface [1]. When creating an user session, implementation of
> the User interface (e.g. CaasUser [2]) should be passed. The main
> drawback of this approach is, the logic in the hasPermission() method has
> to be serializable. Usually this is difficult to achieve because in order
> to evaluate permissions one might need to access some user management
> services (e.g. Realm Service) which cannot be serialized. Hence moving the
> hasPermission() method out of the User class and allowing to plug-in a
> custom authorizer would be a better approach.
>
> WDYT?
>
> [1] https://github.com/wso2/carbon-uuf/blob/v1.0.0-m14/compo
> nents/uuf-core/src/main/java/org/wso2/carbon/uuf/spi/auth/User.java#L28
> [2] https://github.com/wso2/carbon-uuf/blob/v1.0.0-m14/sampl
> es/osgi-bundles/org.wso2.carbon.uuf.sample.simple-auth.bundl
> e/src/main/java/org/wso2/carbon/uuf/sample/simpleauth/bundle/CaasUser.java
>
> Thanks.
> --
> Sajith Janaprasad Ariyarathna
> Senior Software Engineer; WSO2, Inc.;  http://wso2.com/
> <https://wso2.com/signature>
>
> _______________________________________________
> Architecture mailing list
> Architecture@wso2.org
> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>
>


-- 
With Regards,

*Rasika Perera*
Senior Software Engineer
LinkedIn: http://lk.linkedin.com/in/rasika90

<http://wso2.com/signature>

WSO2 Inc. www.wso2.com
lean.enterprise.middleware
_______________________________________________
Architecture mailing list
Architecture@wso2.org
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture

Reply via email to