Dynamic authorization - static roles list

#1

Hi All,

Am I correct in thinking that even with dynamic authorization that the list of roles must be defined in the crossbar config? e.g. the list of roles available in and instance is still static, it is just what permissions they have that is dynamic?

Regards,

Jon

0 Likes

#2

Unless there is a trick to getting rid of them, I’d be inclined to think you are correct.
As far as I’m aware the type of authorization that is applied is relative to a role, so you need the role in order to get to the authorization.

e.g;

“realms”: [{
“name”: “MyRealm”,
“roles”: [
{ “name”: “client” , “authorizer”: “MyRealm.security.authorize” },
{ “name”: “server” , “authorizer”: “MyRealm.security.authorize” },
{ “name”: “authenticator”, “permissions”: [{ “uri”: “*”, “publish”: true, “subscribe”: true, “call”: true, “register”: true }]}
]
}
],

``

Do you have a use-case for a dynamic list of roles?

[it would be really cool if one day the crossbar config was dynamic and could be changed on the fly without a reload - I guess that would facilitate dynamic roles … :slight_smile: ]

0 Likes