Hi Rasika,

On Wed, May 3, 2017 at 10:34 PM, Rasika Perera <rasi...@wso2.com> wrote:

> Hi Sajith,
>
> I am +1 to allow custom authorizers. But not bit convinced with the reason
> provided.
>
> Java allows non-serializable properties on the objects with "transient"
> keyword. At the time of deserialize these properties will be in default
> values (i.e. objects will be null). Then you can override "readResolve()"
> method to fetch & assign the current state of the system for those
> properties.
>
Yes, one can use the transient keyword to exclude a field from serialization and
the readResolve() method to load that field on deserialization. However, that
can be very cumbersome and counterintuitive, as every webapp developer who
wishes to plug a custom authentication/authorization mechanism into UUF has
to worry about the serialization of their authorization service. Also, only
the User needs to be serializable. The authorization service doesn't
need to be (most of the time, cannot be) serializable. Hence, IMO it's
better to move the authorization service out of the User object.

Thanks.

>
>
> Best Regards,
> Rasika
>
> On Wed, May 3, 2017 at 10:47 AM, SajithAR Ariyarathna <sajit...@wso2.com>
> wrote:
>
>> Hi All,
>>
>> We are in the process of introducing an extensible authorizer for Carbon
>> UUF.
>>
>> At the moment authorization is done via the
>> org.wso2.carbon.uuf.spi.auth.User interface [1]. When creating a user
>> session, an implementation of the User interface (e.g. CaasUser [2])
>> should be passed. The main
>> drawback of this approach is, the logic in the hasPermission() method
>> has to be serializable. Usually this is difficult to achieve because in
>> order to evaluate permissions one might need to access some user management
>> services (e.g. Realm Service) which cannot be serialized. Hence moving the
>> hasPermission() method out of the User class and allowing to plug-in a
>> custom authorizer would be a better approach.
>>
>> WDYT?
>>
>> [1] https://github.com/wso2/carbon-uuf/blob/v1.0.0-m14/components/uuf-core/src/main/java/org/wso2/carbon/uuf/spi/auth/User.java#L28
>> [2] https://github.com/wso2/carbon-uuf/blob/v1.0.0-m14/samples/osgi-bundles/org.wso2.carbon.uuf.sample.simple-auth.bundle/src/main/java/org/wso2/carbon/uuf/sample/simpleauth/bundle/CaasUser.java
>>
>> Thanks.
>> --
>> Sajith Janaprasad Ariyarathna
>> Senior Software Engineer; WSO2, Inc.;  http://wso2.com/
>> <https://wso2.com/signature>
>>
>> _______________________________________________
>> Architecture mailing list
>> Architecture@wso2.org
>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>>
>>
>
>
> --
> With Regards,
>
> *Rasika Perera*
> Senior Software Engineer
> LinkedIn: http://lk.linkedin.com/in/rasika90
>
> <http://wso2.com/signature>
>
> WSO2 Inc. www.wso2.com
> lean.enterprise.middleware
>


-- 
Sajith Janaprasad Ariyarathna
Senior Software Engineer; WSO2, Inc.;  http://wso2.com/
<https://wso2.com/signature>
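
The two designs discussed in this thread, side by side, as an added example that is not part of the original messages and is not Carbon UUF code. All class and method names here (CoupledUser, PlainUser, Authorizer, LIVE) are hypothetical, and the lambda stands in for a non-serializable user-management service.

```java
import java.io.*;

public class AuthorizerSerializationDemo {
    // Hypothetical stand-in for a service that cannot be serialized (e.g. a realm service).
    interface Authorizer { boolean hasPermission(String userId, String resource, String action); }

    // Constructed sample policy: "admin" may do anything, everyone may "view".
    static final Authorizer LIVE = (u, r, a) -> u.equals("admin") || a.equals("view");

    // Design 1: the authorizer lives inside the session user. It is marked transient,
    // so it is null after deserialization until readResolve() re-binds it.
    static class CoupledUser implements Serializable {
        private static final long serialVersionUID = 1L;
        final String id;
        transient Authorizer authorizer;
        CoupledUser(String id, Authorizer authorizer) { this.id = id; this.authorizer = authorizer; }
        // Fail closed: a restored user whose authorizer was never re-bound is denied.
        boolean hasPermission(String resource, String action) {
            return authorizer != null && authorizer.hasPermission(id, resource, action);
        }
        // Every User implementation has to remember this hook.
        private Object readResolve() { this.authorizer = LIVE; return this; }
    }

    // Design 2: the session user is plain data; authorization is a separate service.
    static class PlainUser implements Serializable {
        private static final long serialVersionUID = 1L;
        final String id;
        PlainUser(String id) { this.id = id; }
    }

    // Serialize and deserialize in memory, as session persistence would.
    @SuppressWarnings("unchecked")
    static <T extends Serializable> T roundTrip(T obj) throws IOException, ClassNotFoundException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) { out.writeObject(obj); }
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(buf.toByteArray()))) {
            return (T) in.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        CoupledUser coupled = roundTrip(new CoupledUser("alice", LIVE));
        System.out.println("coupled view:   " + coupled.hasPermission("/orders", "view"));
        PlainUser plain = roundTrip(new PlainUser("alice"));
        System.out.println("decoupled view: " + LIVE.hasPermission(plain.id, "/orders", "view"));
        System.out.println("decoupled edit: " + LIVE.hasPermission(plain.id, "/orders", "edit"));
    }
}
```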