[Yanel-dev] PolicyManagerv2 : authorize
Michael Wechner
michael.wechner at wyona.com
Sun Mar 6 23:16:48 CET 2011
On 3/4/11 5:12 PM, Balz Schreier wrote:
> please forget my mail below. sorry.
>
> i see that getEnvironment().getIdentity() returns that "world" user
> object in case the user is not logged in.
Maybe we can enhance the documentation and/or javadoc to make this
clearer, e.g.
http://www.yanel.org/en/documentation/security/overview.html
WDYT?
Thanks
Michael
>
> thanks.
>
> On Fri, Mar 4, 2011 at 5:09 PM, Balz Schreier <balz.schreier at gmail.com
> <mailto:balz.schreier at gmail.com>> wrote:
>
> hi,
>
> i use policies that authorize public users for certain usecases,
> so I use this in the usecase definition:
>
> <world permission="true"/>
>
>
> How can I authorize a user request where the user is unknown?
>
>
> I use:
>
> realm.getPolicyManager().authorize(policyPath, identity, usecase);
>
>
> but identity is of course NULL for not logged in users.
>
> How can I run the authorization check for not logged in users?
>
>
> Thanks
>
> Cheers
>
> Balz
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wyona.org/pipermail/yanel-development/attachments/20110306/76dd269a/attachment.html>
More information about the Yanel-development
mailing list