I am looking into the different options we have for authorizing a user's actions in a repository and have some questions. I have read Authentication and authorization - ModeShape 4 - Project Documentation Editor and Custom authentication providers - ModeShape 3 - Project Documentation Editor; I have also stepped through the latest source code in order to get a feel for how things work.
The current requirements I have are:
- Restrict Read/Write access to nodes based on a user's organization, where the organization is a parent node and the content belonging to an organization is a hierarchy of child nodes under the organization node.
- Restrict Read/Write access to nodes based on libraries within an organization. A node may belong to multiple libraries within an organization. Given this, it will not be modeled as a hierarchy; instead, the library id/name will be a property on the node containing a list of the library ids/names that the node belongs to.
- Avoid having to create fine-grained roles for each organization/library, e.g. org1-read, org1-readwrite, org1-library1-read, etc.
Given these requirements, the default coarse-grained roles and authorization provided by ModeShape will not suffice; instead I am looking into either using a custom AuthorizationProvider, ACLs, or both. In order to determine what approach will best meet my needs, I have the following questions:
1. How do I package and configure a custom AuthorizationProvider when using the ModeShape 4.0 subsystem in Wildfly? I am assuming I cannot package it in my application WAR and will need to install it as a Wildfly module; is this correct?
2. Stepping through the code I can see how AuthorizationProvider implementations and ACLs are applied when determining what actions can be performed either on a specific node or on the repository as a whole, but I cannot determine how they are used when returning the results of a query. Given this:
a) Are AuthorizationProvider/AdvancedAuthorizationProvider implementations used to restrict the results of a query to only nodes that a user is authorized to read? If so, what sort of overhead does this add to the query?
b) How are ACLs used to restrict the results of a query to only nodes that a user is authorized to read, and what sort of overhead does this add to the query?
Many thanks in advance.
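As an added illustration, not from the original post or from ModeShape's code base, here is the access rule the requirements above describe, written as a plain Java class with no dependency on ModeShape's provider interfaces. The grant model (per-organization grants keyed by library id, with "*" as the organization-level grant), the path convention (organization as the first path segment) and the node's library list are assumptions; wiring it into a ModeShape AuthorizationProvider is not shown.

```java
import java.util.*;

// Added example: organization/library policy check, independent of ModeShape's API.
public final class OrgLibraryPolicy {
    public enum Permission { READ, READWRITE }

    // Assumed grant model: organization -> (library id -> permission).
    // The library key "*" stands for an organization-wide grant.
    private final Map<String, Map<String, Permission>> grants = new HashMap<>();

    public void grant(String org, String library, Permission p) {
        grants.computeIfAbsent(org, k -> new HashMap<>()).put(library, p);
    }

    /** Returns true if the action ("read" or "write") is allowed on the node at absPath. */
    public boolean hasPermission(String absPath, List<String> nodeLibraries, String action) {
        String[] segments = absPath.split("/");              // "/org1/docs/a" -> "", "org1", ...
        if (segments.length < 2) return false;               // root or malformed path: deny
        Map<String, Permission> orgGrants = grants.get(segments[1]);
        if (orgGrants == null) return false;                 // user has no grant in this organization
        boolean needsWrite = "write".equals(action);
        if (nodeLibraries == null || nodeLibraries.isEmpty()) {
            return allows(orgGrants.get("*"), needsWrite);   // no library property: org-level grant decides
        }
        for (String lib : nodeLibraries) {                   // any library the user holds suffices
            if (allows(orgGrants.get(lib), needsWrite)) return true;
        }
        return false;
    }

    private static boolean allows(Permission p, boolean needsWrite) {
        if (p == null) return false;
        return !needsWrite || p == Permission.READWRITE;
    }

    public static void main(String[] args) {
        OrgLibraryPolicy policy = new OrgLibraryPolicy();
        policy.grant("org1", "library1", Permission.READ);
        policy.grant("org1", "library2", Permission.READWRITE);
        // Constructed node: lives under org1 and carries the library list property [library1, library2].
        List<String> libs = Arrays.asList("library1", "library2");
        System.out.println(policy.hasPermission("/org1/docs/a", libs, "write")); // true, via library2
        System.out.println(policy.hasPermission("/org1/docs/a", libs, "read"));  // true
        System.out.println(policy.hasPermission("/org2/docs/a", libs, "read"));  // false, other organization
        System.out.println(policy.hasPermission("/org1/plain", null, "read"));   // false, no org-wide grant
    }
}
```

Because the decision depends only on the node's path and its library property, the same rule can be evaluated per result row when filtering query output, which is where the per-node overhead asked about in question 2 would show up.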