Security

The following functionalities are provided by the platform with respect to security
  • User Authentication
  • Permission Management
  • Permission Check Service
  • User Authorization

User Authentication

The platform supports two types of authentication:
  • HTTP Basic Authentication
  • Cookie-based Authentication

Permission Management

Permissions can be assigned to any user as well as to any role. A permission is defined by three attributes:
  • tpye: the qualified class name, e.g., java.io.FilePermission
  • name: the name of the permission, e.g., the path in case of java.io.FilePermission
  • actions: the actions that the permission allows, e.g., read, write

Permission Check Service

The platform provides a web service to check whether the current user owns a certain permission. This service is invoked with a GET-request specifying the resource path /security/check and the query parameter permission. The parameter has the format:

'(' <permission class name> <double-quoted name> <double-quoted actions> ')'.

An example of a valid URL would be: http://localhost:8282/security/check?permission=(java.io.FilePermission "/tmp/*" "read")

As a result of this check the platform returns a response with the code 204, if the user has this permission.

Sitemap
Documentation
Project Infos
Sponsorship
Apache Clerezza, Clerezza, Apache, the Apache feather logo, and the Apache Clerezza project logo are trademarks of The Apache Software Foundation.

© 2011 The Apache Software Foundation.