shiro-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kalle Korhonen <>
Subject Realm extends Authorizer, why?
Date Fri, 07 Jan 2011 05:18:08 GMT
Why does a Realm extend Authorizer? Shouldn't only the
AuthorizingRealm implement Authorizer? This makes the
AuthenticatingRealm fairly useless since you need to implement a bunch
of authorizing operations even if your realm is not supposed to do
anything more than just authenticate. There's probably a good reason
for Authorizer being the top level interface rather than Realm, but
it's just not immediately obvious for me. Even then, I hope we could
straighten this out in a future release since it just doesn't seem
right to me. Les, care to comment, I bet you have a pretty good
insight into this.


View raw message