On Wed, May 17, 2017 at 11:57 AM, Vidura Nanayakkara <vidu...@wso2.com> wrote:
> Since we are not aware of the 'Authorizer' implementations that can be in > a product (persisting and retrieving permissions logic) we cannot provide a > default implementation to the 'Authorizer'. > Thanks Vidura! Would you mind explaining why each product has to implement it's own authorizer? Thanks Imesh > This has been documented in the 'Authorizer' interface [1]. > > [1] https://github.com/wso2/carbon-uuf/blob/3fbf10907747806d6311acef2095e5 > a8b623e339/components/uuf-core/src/main/java/org/wso2/carbon/uuf/spi/auth/ > Authorizer.java > > Best Regards, > Vidura Nanayakkara > > On Wed, May 17, 2017 at 10:27 AM, Chandana Napagoda <chand...@wso2.com> > wrote: > >> Hi Imesh, >> >> I think during the offline meeting, we have already discussed about the >> default implementation. >> >> @ViduraN, Can you please elaborate it in here? >> >> Regards, >> Chandana >> >> On Wed, May 17, 2017 at 10:08 AM, Imesh Gunaratne <im...@wso2.com> wrote: >> >>> As we discussed offline I think it would be better to provide a default >>> implementation for $subject while providing the extension point. >>> >>> Thanks >>> >>> On Wed, May 3, 2017 at 10:47 AM, SajithAR Ariyarathna <sajit...@wso2.com >>> > wrote: >>> >>>> Hi All, >>>> >>>> We are in the process of introducing an extensible authorizer for >>>> Carbon UUF. >>>> >>>> At the moment authorization is done via the org.wso2.carbon.uuf.spi.au >>>> th.User interface [1]. When creating an user session, implementation >>>> of the User interface (e.g. CaasUser [2]) should be passed. The main >>>> drawback of this approach is, the logic in the hasPermission() method >>>> has to be serializable. Usually this is difficult to achieve because in >>>> order to evaluate permissions one might need to access some user management >>>> services (e.g. Realm Service) which cannot be serialized. Hence moving the >>>> hasPermission() method out of the User class and allowing to plug-in a >>>> custom authorizer would be a better approach. >>>> >>>> WDYT? >>>> >>>> [1] https://github.com/wso2/carbon-uuf/blob/v1.0.0-m14/compo >>>> nents/uuf-core/src/main/java/org/wso2/carbon/uuf/spi/auth/User.java#L28 >>>> [2] https://github.com/wso2/carbon-uuf/blob/v1.0.0-m14/sampl >>>> es/osgi-bundles/org.wso2.carbon.uuf.sample.simple-auth.bundl >>>> e/src/main/java/org/wso2/carbon/uuf/sample/simpleauth/bundle >>>> /CaasUser.java >>>> >>>> Thanks. >>>> -- >>>> Sajith Janaprasad Ariyarathna >>>> Senior Software Engineer; WSO2, Inc.; http://wso2.com/ >>>> <https://wso2.com/signature> >>>> >>> >>> >>> >>> -- >>> *Imesh Gunaratne* >>> WSO2 Inc: http://wso2.com >>> T: +94 11 214 5345 M: +94 77 374 2057 <+94%2077%20374%202057> >>> W: https://medium.com/@imesh TW: @imesh >>> lean. enterprise. middleware >>> >>> >>> _______________________________________________ >>> Architecture mailing list >>> Architecture@wso2.org >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>> >>> >> >> >> -- >> *Chandana Napagoda* >> Associate Technical Lead >> WSO2 Inc. - http://wso2.org >> >> *Email : chand...@wso2.com <chand...@wso2.com>**Mobile : +94718169299 >> <+94%2071%20816%209299>* >> >> *Blog : http://cnapagoda.blogspot.com <http://cnapagoda.blogspot.com> >> | http://chandana.napagoda.com <http://chandana.napagoda.com>* >> >> *Linkedin : http://www.linkedin.com/in/chandananapagoda >> <http://www.linkedin.com/in/chandananapagoda>* >> >> > > > -- > Best Regards, > > *Vidura Nanayakkara* > Software Engineer > > Email : vidu...@wso2.com > Mobile : +94 (0) 717 919277 <+94%2071%20791%209277> > Web : http://wso2.com > Blog : https://medium.com/@viduran <http://wso2.com/> > LinkedIn : https://lk.linkedin.com/in/vidura-nanayakkara > <http://wso2.com/> > -- *Imesh Gunaratne* WSO2 Inc: http://wso2.com T: +94 11 214 5345 M: +94 77 374 2057 W: https://medium.com/@imesh TW: @imesh lean. enterprise. middleware
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
