Legacy platform

Interface contracts of the underlying UI framework - authorization

Interface contracts of the underlying UI framework define behavior for authorization in an application.

For more information, refer to the Java™ API documentation in your installation directory (<INSTALL_DIR>/xapidocs/core_javadocs).


Interface Contract Description Methods
ISCUIAuthorizationProvider

Defines the behavior expected in any implementation of authorization in an application.

ISCUIAuthorizationProvider is plugged in to an application using the context parameter in web.xml:
  • <param-name>

    scui-authorization-provider

  • <param-value>

    com.app.MyAppAuthorizationProvider

  • hasPermission

    Takes in SCUIContext and resourceId. Returns true if the user in the SecurityContext has any permission to the resource given by the resourceId. Otherwise, it returns false.

  • getPermission

    Takes in SCUIContext and resourceId. Returns an implementation of ISCUIResourcePermission that contains the permission for the given resourceId.

  • init

    Handles initialization, like loading the security information or caching it. This method is called once, when ISCUIAuthorizationProvider is first set.

  • sessionDestroyed

    Closes all opened session-specific handles.

    The ISCUIAuthorizationProvider class extends the ISCUISessionAware class, which is a marker class that helps the ISCUIAuthorizationProvider class register itself to the HttpSessionListener implementation class.

    When a session is invalidated or destroyed, the sessionDestroyedmethod is called by the listener to close the handles opened during initialization.

ISCUIResourcePermission

Defines the behavior expected in any implementation of authorization for a given resource ID in an application.

ISCUIResourcePermission is returned by ISCUIAuthorizationProvider after the authorization.

  • canRead

    Returns true if the user has permission to read for a given ResourceId. Otherwise, it returns false.

  • canEdit

    Returns true if the user has permission to edit for a given ResourceId. Otherwise, it returns false.

  • canExecute

    Returns true if the user has permission to execute for a given ResourceId. Otherwise, it returns false.

    This could be the permission control that is used for executing the mashup class.