Skip navigation links

Package org.wamblee.security.authorization

The authorization package provides an authorization service that can be used to check whether users have the rights to perform certain operations.

See: Description

Package org.wamblee.security.authorization Description

The authorization package provides an authorization service that can be used to check whether users have the rights to perform certain operations.

AuthorizationService is the entry point. There is one POJO based implementation DefaultAuthorizationService. In addition, there is JpaAuthorizationService which caches an authorization service for efficiency (i.e. DefaultAuthorizationService is an entity); The DefaultAuthorizationService uses a number of authorization rules to determine whether access allowed. One generic UrlAuthorizationRule is provided which determines whether a given user can perform a specific operation for a specific resource type at a specific URL is allowed. The authorization service needs to access the current user through the UserAccessor and needs access to the UserAdministration to check whether the user belongs to certain groups.
Skip navigation links

Copyright © 2022. All rights reserved.