Interface SecurityManager

public interface SecurityManager

Interface for handling security checks.


Method Summary
 void doSecure(ResourceMap request, SecureTask task)
          Run the given task after performing a security check.

Method Detail


void doSecure(ResourceMap request,
              SecureTask task)
Run the given task after performing a security check. The security check is done by evaluating the set of requested resources and actions for the current identity. The task is then called with the result of that check in the form of a set of granted actions. It is up to the task to properly handle the set of permissions that are granted.

Note that no guarantees are made about when the secure task is executed. A best effort is made to execute the task in the same transaction as the request, but in some cases (for example when security policy is being loaded from an external source) a separate transaction may be necessary. In this case, the SecureTask will be run inside a separate Darkstar task that is executed after the check is made.

TODO: define ordering issues, if any, with this approach

request - the requested resources and actions on those resources
task - the task to perform after the security check has been completed

Open Wonderland -