Data security
The data security component enables users to configure an attribute of the XML that is coming in or flowing through the service to be validated against the list of enterprises. This enables you to secure data based on the user groups discussed in Section 4.3 Defining User Groups".
For enterprise validation, the list
of enterprises that the user can access is determined and validated
for the attribute value provided. Once the user is determined, the
data security ID for that user is picked from the YFS_USER table
and the list of enterprises the user can access is determined and
the value of the attribute is validated.
For custom validation, you can implement
a YIFSecurityValidator interface to set and validate
the user ID. The class that implements this interface is created,
the user is set in that component, and the input XML is parsed to
obtain a list of attribute values, which are then passed to a validating
method.
For more information about the YIFSecurityValidator,
see the Javadoc.
If the security component access validation succeeds, the input XML is passed to the next component. If the validation fails an error is thrown back to the caller indicating that the security access failed.
This data security component can be used in a service where an XML is flowing through. If the component is configured after a component that does not output an XML, a runtime error is thrown.
| Property | Description |
|---|---|
| General Tab | |
| Enterprise Validation | Select this option if you want the user group to be validated
against a list of enterprises. If this option is selected, the Attributes to Validate must be entered. |
| Attributes to Validate | Required, only if enterprise validation is selected. Enter the XPath to an attribute that needs to be validated. |
| Custom Validation | Select this option if you choose to do a custom validation. The class name should be provided if this option is selected. |
| Class Name | Required, only if custom validation is selected. Enter the name of the custom class that you wish to implement for the custom validation. |
| User Identification | Select one of the following options to set the user information
for the custom or enterprise validation. User ID: Select the user ID from the drop-down list. YFSEnvironment:
Select this option to use the user ID from |
| Arguments Tab | |
| Argument Name | The name of the parameter to be passed to the validator method. |
| Argument Value | The value of the parameter to be passed to the validator method. |