[Yanel-dev] Identity class API extension

Michael Wechner michael.wechner at wyona.com
Mon Nov 5 13:51:46 CET 2007 

Josias Thöny wrote:

> Oli Kessler wrote:
>
>> Hi all,
>>
>> For authorization checks, the policy manager currently uses the method
>>
>>   public boolean authorize(String path, Identity identity, Usecase 
>> usecase)
>>
>> defined in the security API (org.wyona.security.core.api)
>>
>> The class Identity models a generic accreditable object which can be 
>> a user, a group or the world
>> (or any other entity such as a client identified by it's IP address, ..)
>>
>> When implementing a custom PolicyManager however, one would need to 
>> access a user object (which itself may be a custom implementation) 
>> which is currently not possible, as the Identity provides no 
>> facility. (It has a constructor which accepts a user object but does 
>> not expose this object in the API).
>>
>> I would propose to extend the Identity class in the security package 
>> to allow access to the underlying User object, if it was provided 
>> with one at the time of
>> creation:
>>
>>   public User Identity.getUser()
>>
>>
>> What do you think?
>
>
> Actually there was a getUser() method at some time.
> It has been removed because the Identity is stored in the session and 
> therefore has to be serializable. This lead to some problems when 
> de-serializing a session, whereas I don't remember exactly what the 
> problem was.
> But I'm +1 to re-add this method if the serialization problem can be 
> resolved.


agreed, but I think we really need to make sure that it is serializable, 
otherwise we need to think of an alternative solution.

Cheers

Michi

>
> josias
>
>>
>> Cheers,
>> -ok
>>
>>
>>
>> _______________________________________________
>> Yanel-development mailing list
>> Yanel-development at wyona.com
>> http://lists.wyona.org/cgi-bin/mailman/listinfo/yanel-development
>
>
> _______________________________________________
> Yanel-development mailing list
> Yanel-development at wyona.com
> http://lists.wyona.org/cgi-bin/mailman/listinfo/yanel-development



-- 
Michael Wechner
Wyona      -   Open Source Content Management - Yanel, Yulup
http://www.wyona.com
michael.wechner at wyona.com, michi at apache.org
+41 44 272 91 61

More information about the Yanel-development mailing list