Hi, > I've created a wiki entry for fine-grained authorization.
could you specify use-cases which you'd like to solve by this feature? If I want e.g. restrict access to entries only to user who created the entry, the callback itself doesn't easily (*) solve the problem, as I need some additional entry metadata for the decision, etc. Btw: in case of auth. callback I see custom code as an advantage, as it gives me freedom to implement my security policy as I like. And we can provide some common callbacks for users who don't want to implement it themselves. Thanks Vojta (*) I can probably e.g. encode some subject hash into the key and then allow/reject request for entry based on hash of requesting subject, but this is not a very nice solution
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ infinispan-dev mailing list [email protected] https://lists.jboss.org/mailman/listinfo/infinispan-dev
