Creating a declarative security model for RCP applications

Exploring Eclipse UI scalability

Thick client-based business applications require rigid security regulations where different classes of users receive a predetermined set of access rights. This article explains how to build a flexible security model for Rich-Client Platform (RCP) applications by leveraging features provided by the Eclipse platform.

Rakesh Sahadevan, System Engineer, IBM

Rakesh Sahadevan works as a system engineer for the IBM WebSphere Commerce in India. His interests and expertise include J2EE architecture, RCP applications, OOAD, and XML technologies.



29 November 2006


Why security is important in RCP applications

Controlling access to workbench contributions and SWT controls is important in RCP applications. Developers must hide workbench contributions and user controls based on the user's role. However, Eclipse provides relatively little support for the security features developers often need. The security framework example in this article controls the functions presented to the user.

What Eclipse provides

What is an activity?

Eclipse maintains a single, global set of enabled activities. An activity is:

  • A grouping mechanism for related UI functionalities.
  • Specified by a set of inclusive or exclusive patterns.
  • Typically defined by the administrator or product manager assembling an application.

See Resources for additional background information on Eclipse activities.

Eclipse provides the org.eclipse.ui.activities extension point as a mechanism to control groups of related UI functions. An activity is a logical set of identifiers. Identifiers represent functionality and could represent, for example, a view or editor preference page, among other things. An activity is enabled when its functionality is available to the user. Conversely, an activity is hidden when an identifier is disabled. An activity can require one or more other activities, which means that enabling one activity enables all the activities it depends on. An activity can also be grouped into one or more categories for presentation to the user.


What kinds of functionalities can be filtered in Eclipse?

Five functionalities can be filtered in Eclipse:

  • Views
  • Editors
  • Wizards
  • Perspectives
  • Menus

This article addresses the problem of application-level security by breaking access into two manageable units: Workbench- and Control-level access.

Workbench-level access covers workbench contributions, such as editors, views, and perspectives. Control-level access covers SWT controls, such as labels, buttons, combos, and others.

Some users play multiple roles in a typical organization, so a good security architecture must recognize users with multiple personalities, meaning users who play several simultaneous roles in an organization. Applications require a robust security model to handle these scenarios. The following security model gives you the tools to create a safe application whose security isn't cumbersome for users.


Reimbursement application overview

The reimbursement application is a sample application that illustrates how to map client-side activities to server-side roles. Before diving into the implementation details, let's look at the application architecture and its functionality. The reimbursement application is a corporate application to track employee expenses. The users of this application are employees, managers, and administrators.

Employees
Employees use the application to record business expenses they may have incurred and to request reimbursement. The application notifies the employee's manager when a request is submitted, and the manager reviews the request and approves or disallows it. An employee uses the application to create and submit expense requests. An employee may also use the application to view and delete previously submitted expense requests. All these activities are based on the roles of the user who logged in.
Managers
Managers are notified when an employee in the group submits an expense request. A manager can then approve or disapprove the expense request.
Administrators
Administrators can view the entire report and restore records deleted accidentally.

Managers and administrators have two roles. They are employees who generate expense reports, and they oversee the expense reports created by other employees.

The following use-case diagram illustrates what functions each type of user performs based on roles:

Figure 1. The use-case view

User interactions with the reimbursement application

The login screen is the starting screen for the application. It prompts the user for an identifier and password. Authentication establishes the user's role, and the user then works with activities based on that role (employee/manager/administrator), such as viewing or creating expenses.

An employee has three activities:

  • Create expenses
  • View the expenses
  • Delete expenses
Figure 2. Employee view

Manager view

A manager has approval privileges, plus the normal employee privileges.

Figure 3. Manager view

Admin view

Administrators have the same access as employees, plus admin access privileges (similar to the UNIX® superuser).

Figure 4. Admin view

Application implementation

  1. Create a com.examples.reimbursement.demo plug-in project with RCP support.
  2. Create a roles.exsd.
Figure 5. Role schema definition
  3. Add the activities to the "org.eclipse.ui.activities" extension point.
Listing 1. Adding the activities in plug-in
An example of adding activities to the "org.eclipse.ui.activities" extension point:
      <extension point="org.eclipse.ui.activities">
         <!-- Declare the activity -->
         <activity
               id="com.examples.reimbursement.viewActivity"
               name="ViewActivity"/>
         <!-- Bind it to every contribution identifier containing "/emp." -->
         <activityPatternBinding
               activityId="com.examples.reimbursement.viewActivity"
               pattern=".*/emp\..*"/>
      </extension>
  4. Map the activities to roles in the com.examples.authorization.demo.roles extension point.
Listing 2. Mapping the roles to activities in plug-in
      <role
          id="com.examples.reimbursement.demo.employee"
          label="com.examples.reimbursement.demo.employee"
          roleId="empRole">
       <!-- Activities enabled for users who hold empRole -->
       <enabledActivity id="com.examples.reimbursement.viewActivity"/>
       <enabledActivity id="com.examples.reimbursement.createActivity"/>
      </role>
  5. Read the role extension point with the help of RegistryReader.
Listing 3. Read the roles from the plug-in
      // Read every contribution to the roles extension point
      readRegistry(Platform.getExtensionRegistry(), PLUGIN_ID, PL_ROLES_EXTENSION);
  6. Run the product by launching an Eclipse application.
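
One way to turn the role mappings read in step 5 into the workbench's enabled activities after login, so that a user holding several roles gets the union of their activities. This is an added example, not code from the article's download: the class name RoleActivityEnabler is hypothetical, the extension point ID is taken from step 4, and the element and attribute names from Listing 2. It runs inside the RCP plug-in.

```java
import java.util.HashSet;
import java.util.Set;

import org.eclipse.core.runtime.IConfigurationElement;
import org.eclipse.core.runtime.Platform;
import org.eclipse.ui.PlatformUI;
import org.eclipse.ui.activities.IWorkbenchActivitySupport;

/** Hypothetical helper; call apply() on the UI thread once login has succeeded. */
public final class RoleActivityEnabler {

    // Extension point ID as written in step 4; element and attribute names follow Listing 2.
    private static final String ROLES_POINT = "com.examples.authorization.demo.roles";

    private RoleActivityEnabler() {
    }

    /** Union of the activities granted by every role the user holds. */
    static Set<String> activitiesFor(Set<String> userRoleIds) {
        Set<String> granted = new HashSet<>();
        IConfigurationElement[] elements =
                Platform.getExtensionRegistry().getConfigurationElementsFor(ROLES_POINT);
        for (IConfigurationElement role : elements) {
            String roleId = role.getAttribute("roleId");
            if (!"role".equals(role.getName()) || roleId == null
                    || !userRoleIds.contains(roleId)) {
                continue; // not a role element, or a role this user does not hold
            }
            for (IConfigurationElement activity : role.getChildren("enabledActivity")) {
                String id = activity.getAttribute("id");
                if (id != null) {
                    granted.add(id);
                }
            }
        }
        return granted;
    }

    /** Replaces the workbench's global enabled set; an empty role set enables nothing. */
    static void apply(Set<String> userRoleIds) {
        IWorkbenchActivitySupport support = PlatformUI.getWorkbench().getActivitySupport();
        Set<String> granted = activitiesFor(userRoleIds);
        // Keep only activity IDs that are actually defined in the registry.
        granted.retainAll(support.getActivityManager().getDefinedActivityIds());
        support.setEnabledActivityIds(granted);
    }
}
```

Contributions whose identifier matches no activityPatternBinding are never filtered, so every restricted view, editor or wizard needs a pattern that covers it.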

Conclusion

In this article, you have developed a security model that is flexible enough to add value to your application. You can also plug this security model in to any existing application. Widget-level security, although a useful feature in most applications, is often neglected because of the effort involved in implementation and the risk it poses to application performance.


Download

Description    Name                        Size
Source code    os-ecl-rcpsec.source.zip    85KB
