strolch

Commit Graph

Author	SHA1	Message	Date
Robert von Burg	93022ba559	[Major] major rewrite of the privilege validation. Now the PrivilegeContext object is central and once the user logged in, this object is bound to a ThreadLocal. From then there is no further need to interact with the PrivilegeHandler - this allows for authenticated users to get a remote copy of the PrivilegeContext so that on a remote client, the user can check for permissions, without having to do the round trip to the server. A code review of this change would be good, but preliminary tests show that it works. A test should now be implemented to check if getting a remote copy also allows for authorization.	2013-04-09 07:33:32 +02:00

Author

SHA1

Message

Date

Robert von Burg

93022ba559

[Major] major rewrite of the privilege validation.

Now the PrivilegeContext object is central and once the user logged in,
this object is bound to a ThreadLocal. From then there is no further
need to interact with the PrivilegeHandler - this allows for
authenticated users to get a remote copy of the PrivilegeContext so that
on a remote client, the user can check for permissions, without having
to do the round trip to the server.

A code review of this change would be good, but preliminary tests show
that it works. A test should now be implemented to check if getting a
remote copy also allows for authorization.

2013-04-09 07:33:32 +02:00

1 Commits