[Yanel-dev] Identity class API extension
Michael Wechner
michael.wechner at wyona.com
Mon Nov 5 12:35:00 CET 2007
Oli Kessler wrote:
> Hi all,
>
> For authorization checks, the policy manager currently uses the method
>
> public boolean authorize(String path, Identity identity, Usecase
> usecase)
>
> defined in the security API (org.wyona.security.core.api)
>
> The class Identity models a generic accreditable object which can be
> a user, a group or the world
> (or any other entity such as a client identified by it's IP address, ..)
>
> When implementing a custom PolicyManager however, one would need to
> access a user object (which itself may be a custom implementation)
> which is currently not possible, as the Identity provides no
> facility. (It has a constructor which accepts a user object but does
> not expose this object in the API).
>
> I would propose to extend the Identity class in the security package
> to allow access to the underlying User object, if it was provided
> with one at the time of
> creation:
>
> public User Identity.getUser()
>
>
> What do you think?
+1
Michi
>
> Cheers,
> -ok
>
>
>
> _______________________________________________
> Yanel-development mailing list
> Yanel-development at wyona.com
> http://lists.wyona.org/cgi-bin/mailman/listinfo/yanel-development
--
Michael Wechner
Wyona - Open Source Content Management - Yanel, Yulup
http://www.wyona.com
michael.wechner at wyona.com, michi at apache.org
+41 44 272 91 61
More information about the Yanel-development
mailing list