Task #3339
Story #2523: authorization implementations should be centralized
utilize AuthUtils methods for search() / query()
100%
Description
I think it's implemented, but with some variation to use IdentityManager?
Can you give the status?
History
#1 Updated by Skye Roseboom over 11 years ago
- Status changed from New to Closed
- translation missing: en.field_remaining_hours set to 0.0
The solr_extensions project has a class called SessionAuthorizationUtil. It is used by the SessionAuthorizationFilterStrategy implementations to translate a session/certificate into the persons subjects. This is exercised by the CN search, query, log data service api implementations. This class has been updated to use the AuthUtils findPersonsSubjects to accomplish the translation from cert/session to all the person's equivalent identities.
The solr authentication logic does extend the AuthUtils strategy a bit by including a request to the cn identityManager to retrieve an authenticated subject info object.
Let me know if you need any more info!
