[Yanel-dev] Identity class API extension

Josias Thöny josias.thoeny at wyona.com
Mon Nov 5 13:22:37 CET 2007


Oli Kessler wrote:
> Hi all,
> 
> For authorization checks, the policy manager currently uses the method
> 
>   public boolean authorize(String path, Identity identity, Usecase usecase)
> 
> defined in the security API (org.wyona.security.core.api)
> 
> The class Identity models a generic accreditable object which can be a 
> user, a group or the world
> (or any other entity such as a client identified by it's IP address, ..)
> 
> When implementing a custom PolicyManager however, one would need to 
> access a user object (which itself may be a custom implementation) which 
> is currently not possible, as the Identity provides no facility. (It has 
> a constructor which accepts a user object but does not expose this 
> object in the API).
> 
> I would propose to extend the Identity class in the security package to 
> allow access to the underlying User object, if it was provided with one 
> at the time of
> creation:
> 
>   public User Identity.getUser()
> 
> 
> What do you think?

Actually there was a getUser() method at some time.
It has been removed because the Identity is stored in the session and 
therefore has to be serializable. This lead to some problems when 
de-serializing a session, whereas I don't remember exactly what the 
problem was.
But I'm +1 to re-add this method if the serialization problem can be 
resolved.

josias

> 
> Cheers,
> -ok
> 
> 
> 
> _______________________________________________
> Yanel-development mailing list
> Yanel-development at wyona.com
> http://lists.wyona.org/cgi-bin/mailman/listinfo/yanel-development



More information about the Yanel-development mailing list