Re: Security Subject of thin client on remote nodes

VeenaMithare Wed, 11 Mar 2020 04:07:23 -0700

HI Denis, 

Ref :
https://cwiki.apache.org/confluence/display/IGNITE/IEP-41%3A+Security+Context+of+thin+client+on+remote+nodes


How is this method 

public interface GridSecurityProcessor extends GridProcessor {
 
     // Other methods.
 
    /**
     * Gets security context.
     *
     * @param subjId Security subject id.
     * @return Security context or null if not found.
     */
    public default SecurityContext securityContext(UUID subjId){
        return null; //for backward compatibility
    }
}

Different from :
/**
* Gets authenticated node subject.
*
* @param subjId Subject ID.
* @return Security subject.
* @throws IgniteCheckedException If error occurred.
*/
public SecuritySubject authenticatedSubject(UUID subjId) throws
IgniteCheckedException;

 securityContext(UUID subjId)  method will give us SecurityContext,
authenticatedSubject will give us SecuritySubject.  We do the
securitysubject's permission check on authorize method. What is the usecase
for which we would want to use securityContext(UUID subjId) instead of
authenticatedSubject or authorize?



--
Sent from: http://apache-ignite-developers.2346864.n4.nabble.com/

Re: Security Subject of thin client on remote nodes

Reply via email to