Checking Access Based Upon Role Instead of User

[nattri07]

Hello,

I want to ask if it is possible to add access based upon the role specified in the request (via JWT) instead of first adding the user with the corresponding role to the ACL backend instance? The reason is twofold:

1. I won't be necessarily have a user corresponding to a role. (For example if I have to write ACL for a service)
2. I want to implement a fast session authentication system using in-memory validation. If I force my system to make a corresponding user each time a new one makes a request, it'll lead to memory bloating and the system wouldn't scale.

P.S. Is this project still actively maintained? I haven't seen an update since September 2017. @manast