...
Authorizer \ Threat | Reflection | Cache Access | Region Access | Entry Modification |
---|---|---|---|---|
RestrictedMethodAuthorizer | ||||
GeodeBasedMethodAuthorizer | ||||
RegexBasedMethodAuthorizer | ||||
JavaBeanAccessorBasedMethodAuthorizer |
...
This interface is intended to be implemented by users who want a custom authorization mechanism, as well as by the out-of-the-box implementations. The interface will have only one method, which should return a boolean indicating whether the specified method is allowed to be executed on the target object or not. For those situations in which the authorization cannot be determined, a non-checked NotAuthorizedException should be thrown.
The authorize method will be called for every traversed object as part of the query execution, so it's extremely important that the implementation is lightning fast.
...
boolean authorize(Method method, Object target) throws NotAuthorizedException;
}
Implementations of this interface must be thread-safe as more than one thread might invoke the method at the same time.
...
return restrictedAuthorizer.isAllowedGeodeMethod(method, target);
}
Advantages
- Easy to use.
- No extra configuration needed.
- Implicit and explicit methods can be executed on objects stored within the regions.
...
The primary problem with these solutions is that they force the user to modify the domain model and also add unnecessary coupling. With this proposal, however, users can still use these frameworks by providing their own authorizer implementation and checking the annotation in order to allow or deny the method execution.
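The annotation check described above, combined with the thread-safety and speed requirements stated for the authorize method, as an added example (not code from the proposal or from Geode). The nested MethodInvocationAuthorizer interface is a local stand-in declared without a throws clause so the file compiles on its own; QueryAllowed and Account are hypothetical names.

```java
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
import java.lang.reflect.Method;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;

public class AnnotationAuthorizerExample {
  // Local stand-in for the proposed interface so the example compiles without Geode.
  interface MethodInvocationAuthorizer {
    boolean authorize(Method method, Object target);
  }

  // Hypothetical marker annotation; a real deployment would check its own framework's annotation.
  @Retention(RetentionPolicy.RUNTIME)
  @Target(ElementType.METHOD)
  @interface QueryAllowed {}

  static final class AnnotationBasedAuthorizer implements MethodInvocationAuthorizer {
    // Reflection lookups are cached per Method because authorize() runs for every traversed object.
    private final ConcurrentMap<Method, Boolean> decisions = new ConcurrentHashMap<>();

    @Override
    public boolean authorize(Method method, Object target) {
      if (method == null || target == null) {
        // The decision cannot be determined: fail with an unchecked exception, never allow.
        throw new IllegalArgumentException("method and target are required");
      }
      // Deny by default: only explicitly annotated methods are allowed.
      return decisions.computeIfAbsent(method, m -> m.isAnnotationPresent(QueryAllowed.class));
    }
  }

  // Constructed sample domain class.
  static class Account {
    @QueryAllowed public String getOwner() { return "alice"; }
    public void close() {}
  }

  public static void main(String[] args) throws Exception {
    MethodInvocationAuthorizer authorizer = new AnnotationBasedAuthorizer();
    Account account = new Account();
    System.out.println(authorizer.authorize(Account.class.getMethod("getOwner"), account));
    System.out.println(authorizer.authorize(Account.class.getMethod("close"), account));
    System.out.println(authorizer.authorize(Object.class.getMethod("getClass"), account));
  }
}
```

The only shared state is the ConcurrentHashMap, so concurrent query threads can call authorize without extra locking, and methods that do not carry the annotation (including reflection entry points such as getClass) are denied.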
Errata
None so far
The contract for the interface MethodInvocationAuthorizer won't include a throws clause for the NotAuthorizedException class; that exception was designed to indicate that the subject is not allowed to execute a particular operation, not to indicate that a problem has occurred and that the authorization cannot be determined. Since Geode can't do anything to recover from such errors and doesn't have any insights about the actual implementation, a non-checked exception should be thrown whenever there's an error while executing the authorization logic.