New ask Hacker News story: Ask HN: Experience using Zanzibar-styled authorization in production?
Ask HN: Experience using Zanzibar-styled authorization in production?
4 by gruuya | 1 comments on Hacker News.
In particular, with some OSS solution, like Ory Keto (https://www.ory.sh/keto) or Authorizer (https://ift.tt/2Wstpd7), both of which look promising for our use case. Even though Ory Keto is more well known, Authorizer seems to be a step ahead by already supporting subject set rewrites, one of the key core concepts from the original Zanzibar paper (the lack of which being a major handicap). Also, how do you manage cascade relation tuple deletion upon deleting the corresponding object/subject resource (e.g. user/group/etc)?
4 by gruuya | 1 comments on Hacker News.
In particular, with some OSS solution, like Ory Keto (https://www.ory.sh/keto) or Authorizer (https://ift.tt/2Wstpd7), both of which look promising for our use case. Even though Ory Keto is more well known, Authorizer seems to be a step ahead by already supporting subject set rewrites, one of the key core concepts from the original Zanzibar paper (the lack of which being a major handicap). Also, how do you manage cascade relation tuple deletion upon deleting the corresponding object/subject resource (e.g. user/group/etc)?
Comments
Post a Comment