I have the same question as you. Did you ever find an answer, Ari? -Kevin Den fredagen den 1:e mars 2013 kl. 15:36:45 UTC+1 skrev Ari: > > > > On Tuesday, February 26, 2013 8:54:19 PM UTC-5, Ari wrote: >> >> On Tuesday, February 26, 2013 3:16:23 PM UTC-5, Chas Emerick wrote: >> >> >>> What do you mean by "sidesteps the auth"? If you're using >>> shoreleave-remote-ring, then the handler produced by its wrap-rpc >>> middleware is subject to whatever access controls you define via Friend. >>> - Chas >> >> >> Friend, as I understand it, allows access to be controlled at the route >> level (see friend >> authorization<https://github.com/cemerick/friend#authorization>) >> allowing for fine-grained access control definitions. However, since >> Shoreleave remote defines and relies on a single URI, which defaults to >> "_fetch", defining such fine-grained access controls is not possible. This >> is what I was referring to by "side-steps" the authentication/authorization >> flow and thus inhibits implementing the client-side/server-side security >> approach I described in my original post. >> >> Following up on my original post, is it possible to create a "roles" >> cookie upon initial authentication; if so, how? Thanks. >> >> -Ari >> > > Not to belabor the question, but can anyone shed light on whether my > understanding and approach is correct? Thanks. > > -Ari >
-- -- You received this message because you are subscribed to the Google Groups "Clojure" group. To post to this group, send email to clojure@googlegroups.com Note that posts from new members are moderated - please be patient with your first post. To unsubscribe from this group, send email to clojure+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/clojure?hl=en --- You received this message because you are subscribed to the Google Groups "Clojure" group. To unsubscribe from this group and stop receiving emails from it, send an email to clojure+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
