Closed codingchili closed 6 years ago
Associated with #107
Implement as vertx auth provider.
Added properties to tokens, vertx auth provider in another issue.
Add integration with the Protocol for specifying access levels
Added to protocol, custom roles, annotations supported, access levels. To be used with a RoleManager to get the roles from incoming requests. RoleManager TBD
jCasbin is an authorization library that supports models like ACL, RBAC, ABAC.
Related to RBAC, casbin has several advantages:
And you can even customize your own access control model, for example, mix RBAC and ABAC together by using roles and attributes at the same time. It's very flexible.
I saw there's a RBAC need here, and I think jCasbin is a good choice. What do you think? Thanks.
Increase granularity of service accessibility from public/authorized to roles.