[Yanel-dev] Identity class API extension
Oli Kessler
ok at ncode.ch
Mon Nov 5 11:51:24 CET 2007
Hi all,
For authorization checks, the policy manager currently uses the method
public boolean authorize(String path, Identity identity, Usecase
usecase)
defined in the security API (org.wyona.security.core.api)
The class Identity models a generic accreditable object which can be
a user, a group or the world
(or any other entity such as a client identified by it's IP address, ..)
When implementing a custom PolicyManager however, one would need to
access a user object (which itself may be a custom implementation)
which is currently not possible, as the Identity provides no
facility. (It has a constructor which accepts a user object but does
not expose this object in the API).
I would propose to extend the Identity class in the security package
to allow access to the underlying User object, if it was provided
with one at the time of
creation:
public User Identity.getUser()
What do you think?
Cheers,
-ok
More information about the Yanel-development
mailing list