You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@geode.apache.org by "Jinmei Liao (JIRA)" <ji...@apache.org> on 2017/07/05 15:22:00 UTC
[jira] [Commented] (GEODE-3100) expose authorize* call in the
SecurityService interface
[ https://issues.apache.org/jira/browse/GEODE-3100?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16074930#comment-16074930 ]
Jinmei Liao commented on GEODE-3100:
------------------------------------
the intent of this ticket is to expose the authorizeXXX calls in an external security service, so that function users can use them to do authorization checks in the function code. But functions are executed usually in a remote vm where user is not logged in, so when doing that, it could end up with an AnonymouseUser exception. We will either need to send the credentials (or the seriazlied Subject) to the function execution thread or come up with another means of authorization check for functions.
> expose authorize* call in the SecurityService interface
> -------------------------------------------------------
>
> Key: GEODE-3100
> URL: https://issues.apache.org/jira/browse/GEODE-3100
> Project: Geode
> Issue Type: Improvement
> Reporter: Jinmei Liao
> Assignee: Jinmei Liao
> Fix For: 1.3.0
>
>
> these authorizeXXX calls are useful for function developers to call to authorize operations in the function. This gives function users freedom to choose what permissions are needed to execute this function.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)