-
1. Re: Embedded Teiid authorization (dynamic mode)
rareddy Aug 14, 2015 1:36 PM (in response to szarazfika)No, not inside the SecurityHelper, that is strictly for the Authentication and security propagation.
For Authorization, take look at AuthorizationValidator and PolicyDecider interface, and our default AuthorizationValidator is DefaultAuthorizationValidator and PolicyDecider interface "DataRolePolicyDecider", which is based on permissions defined in the -vdb.xml as defined here Data Roles - Teiid 8.12 (draft) - Project Documentation Editor
Note you can just inject a new PolicyDecider to control the Authorizations as you want. Take a look "EmbeddedConfiguration.setAuthorizationValidator" method for it
HTH
Ramesh..
-
2. Re: Embedded Teiid authorization (dynamic mode)
szarazfika Aug 17, 2015 11:24 AM (in response to rareddy)Hi Ramesh,
Thanks again for your answer, it was a great help!
There is something we still need to proceed:
- We are working with the dynamic approach. We do not have any virtual model specified inside our -vdb.xml file. As well as I know we cannot add any authorization data through this file, can we?
Is there a way we can get the actual user from the session inside the Authorization validator?
Thanks in advance!
-
3. Re: Embedded Teiid authorization (dynamic mode)
rareddy Aug 17, 2015 6:18 PM (in response to szarazfika)Look at the "CommandContext" objects methods, you will have all the information about the Session.
-
4. Re: Embedded Teiid authorization (dynamic mode)
szarazfika Aug 17, 2015 6:44 PM (in response to rareddy)Thank you very much, this is what I need!