krakenjs / lusca

Application security for express apps.

Consider adding SwitchUser behavior like Spring Framework #25

Closed mikesparr closed 10 years ago

mikesparr commented 10 years ago

We're currently using Spring Framework + Spring Security or Groovy/Grails for apps but evaluating KrakenJS and trying out the PassportJS example. One piece missing, I believe, is the ability to assume a subordinate user role, but also switch back, which is a huge plus for Spring Security.

Since PassportJS is Authentication, and not Authorization, where best in the KrakenJS stack would someone implement something similar to Spring's implementation of this functionality, and is there any effort to add this with the current rewrite?

See: http://docs.spring.io/spring-security/site/docs/3.2.0.RELEASE/apidocs/org/springframework/security/web/authentication/switchuser/SwitchUserFilter.html

See: http://grails-plugins.github.io/grails-spring-security-core/docs/manual.1273/guide/15%20Switch%20User.html

aredridel commented 10 years ago

Right now, Kraken has no authorization check module, nor any authentication module -- authentication is generally left to other modules (passport is common); authorization is too (though I don't know any off the top of my head).

It's out of scope for lusca, so I'm closing this issue.