Not currently, but there is an extension point org.teiid.PolicyDecider if you want to inject a different authorization scheme. See Custom Authorization Validator - Teiid 8.11 (draft) - Project Documentation Editor
I should also mention that data role permissions can be injected at metadata load time in custom translators. See MetadataFactory.addPermission
I am looking for feature where I can add roles to a VDB dynamically when the VDB is already loaded.
Will the Custom Authorization Validator help do that?
Do you have any sample example implementations for the Custom Authorization Validator.
Also can you help me get the API for the policyholder.
Thanks for your reply.
> I am looking for feature where I can add roles to a VDB dynamically when the VDB is already loaded.
Currently the only supported modification you can make once the vdb is loaded is to update what JAAS groups have a given data role - not to make changes to the data role itself.
> Will the Custom Authorization Validator help do that?
That is up to your needs. The validator will be checked with every user query. In addition to the doc link above, here is the PolicyDecider interface and our implementation that checks the data roles that are defined in the vdb: