Storing information in session

#1

I’d like to authorize based on roles that are not defined in my crossbar config file. If my dynamic authorization method returns a role, I get:

Internal error (2): role auto-activation (role ‘test_role’) not yet implemented

It appears that crossbar requires roles to be predefined in the configuration.

Instead, I’m wondering if there’s a way to store information in the session, such that it is persisted between requests, but not exposed (or editable) by the client. Then I could load the roles & abilities into the session object, and refer to that in my dynamic authorization method.

Any other suggestions?

Thanks

Norman Elton

0 Likes

#2

I'd like to authorize based on roles that are not defined in my crossbar
config file. If my dynamic authorization method returns a role, I get:

Internal error (2): role auto-activation (role 'test_role') not yet

implemented

It appears that crossbar requires roles to be predefined in the
configuration.

pls see https://github.com/crossbario/crossbar/issues/1379

in short: Crossbar.io needs predefined roles, CrossbarFX allows to
remotely and dynamically create WAMP roles ..

Instead, I'm wondering if there's a way to store information in the
session, such that it is persisted between requests, but not exposed (or

There are no "requests" in WAMP

editable) by the client. Then I could load the roles & abilities into the
session object, and refer to that in my dynamic authorization method.

No, this would break the design: WAMP routers are not for storing
application data

Any other suggestions?

CrossbarFX has that feature (dynamic role creation)

···

Am 23.08.2018 um 03:59 schrieb norm...@gmail.com:

Thanks

Norman Elton

0 Likes