[Yanel-dev] Identity class API extension
Josias Thöny
josias.thoeny at wyona.com
Mon Nov 5 13:22:37 CET 2007
Oli Kessler wrote:
> Hi all,
>
> For authorization checks, the policy manager currently uses the method
>
> public boolean authorize(String path, Identity identity, Usecase usecase)
>
> defined in the security API (org.wyona.security.core.api)
>
> The class Identity models a generic accreditable object which can be a
> user, a group or the world
> (or any other entity such as a client identified by it's IP address, ..)
>
> When implementing a custom PolicyManager however, one would need to
> access a user object (which itself may be a custom implementation) which
> is currently not possible, as the Identity provides no facility. (It has
> a constructor which accepts a user object but does not expose this
> object in the API).
>
> I would propose to extend the Identity class in the security package to
> allow access to the underlying User object, if it was provided with one
> at the time of
> creation:
>
> public User Identity.getUser()
>
>
> What do you think?
Actually there was a getUser() method at some time.
It has been removed because the Identity is stored in the session and
therefore has to be serializable. This lead to some problems when
de-serializing a session, whereas I don't remember exactly what the
problem was.
But I'm +1 to re-add this method if the serialization problem can be
resolved.
josias
>
> Cheers,
> -ok
>
>
>
> _______________________________________________
> Yanel-development mailing list
> Yanel-development at wyona.com
> http://lists.wyona.org/cgi-bin/mailman/listinfo/yanel-development
More information about the Yanel-development
mailing list