Application security allows a developer to restrict access to applications, process flows, components and methods. The developer may do so by defining security groups and their user members (see Users, Groups and Privileges) and then restricting access through XML at the appropriate level.
Client Communication
To enable SSL encryption on communication between a client and the fabric, consult SSL Configuration.
Security at the Application Level
In order to restrict access to an entire application:
- Define a group-access element with groups that are allowed access:
  <?xml version='1.0'?>
  <!DOCTYPE app SYSTEM 'FabricApp.dtd'>
  <app name="restricted_app" version='1.0'>
    <group-access>
      <group name="Group1" />
      <group name="Group2" />
    </group-access>
    ...
  </app>
- Set the correct username/password on the request object in the client code:
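  ...
  // Illustrative values: supply the credentials of a user in an allowed group,
  // and load them from configuration instead of hardcoding them in source.
  _request.setUsername("Mike");
  _request.setPassword("secret");
  ...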
Security at the Process Level
In order to restrict access to a process flow, the developer needs to define a group-access element in the process flow definition, listing the groups that are allowed access:
<?xml version='1.0'?>
<!DOCTYPE process SYSTEM 'ProcessDefinition.dtd'>
<process name="restricted_process_flow">
  <group-access>
    <group name="Group2" />
    <group name="Group3" />
  </group-access>
  ...
</process>
Security at the Component Level
In order to restrict access to a component, the developer needs to define a security element with a group-access section:
<?xml version="1.0" encoding="utf-8"?>
<java-components xmlns="http://www.appistry.com/ns/component"
                 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                 xsi:schemaLocation="http://www.appistry.com/ns/component eaf-component.xsd">
  <component name="component">
    <class name="SecuredObject"/>
    <security>
      <group-access>
        <group name="Group1"/>
        <group name="Group3"/>
      </group-access>
    </security>
    ...
  </component>
</java-components>
Security at the Method Level
To restrict access to a component method, define a security element inside the method definition:
<?xml version="1.0" encoding="utf-8"?>
<java-components xmlns="http://www.appistry.com/ns/component"
                 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                 xsi:schemaLocation="http://www.appistry.com/ns/component eaf-component.xsd">
  <component name='component'>
    ...
    <method name="secured_method">
      <security>
        <group-access>
          <group name="Group1" />
          <group name="Group2" />
        </group-access>
      </security>
    </method>
    ...
  </component>
</java-components>
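An added example, not part of the original documentation or the product: a Python script that reads descriptors in the formats shown above and reports which groups each application, process, component and method declares, returning None where no group-access element is present at that level. The helper names and the sample descriptors are constructed for illustration; how the fabric combines restrictions across levels is not modelled.

```python
# Added example: helper names are this example's own, not a product API.
import xml.etree.ElementTree as ET

def local(tag):
    """Drop the '{namespace}' prefix that component descriptors carry."""
    return tag.rsplit("}", 1)[-1]

def children(elem, name):
    return [c for c in elem if local(c.tag) == name]

def allowed_groups(elem, wrapped):
    """Group names declared for elem, or None if it has no group-access.
    Components and methods wrap group-access in <security> (wrapped=True)."""
    holders = children(elem, "security") if wrapped else [elem]
    for holder in holders:
        for access in children(holder, "group-access"):
            return sorted(g.get("name") for g in children(access, "group"))
    return None

def audit(xml_text):
    """Map 'level:name' to its declared groups (None = nothing declared)."""
    root = ET.fromstring(xml_text)
    kind, report = local(root.tag), {}
    if kind in ("app", "process"):
        report[f"{kind}:{root.get('name')}"] = allowed_groups(root, False)
    for comp in children(root, "component") if kind == "java-components" else []:
        cname = comp.get("name")
        report[f"component:{cname}"] = allowed_groups(comp, True)
        for method in children(comp, "method"):
            key = f"method:{cname}.{method.get('name')}"
            report[key] = allowed_groups(method, True)
    return report

# Constructed sample descriptors (not taken from a real deployment).
APP = """<!DOCTYPE app SYSTEM 'FabricApp.dtd'>
<app name="restricted_app" version="1.0">
  <group-access><group name="Group1"/><group name="Group2"/></group-access>
</app>"""
COMPONENTS = """<java-components xmlns="http://www.appistry.com/ns/component">
  <component name="component">
    <class name="SecuredObject"/>
    <security><group-access><group name="Group1"/><group name="Group3"/></group-access></security>
    <method name="secured_method">
      <security><group-access><group name="Group1"/><group name="Group2"/></group-access></security>
    </method>
    <method name="open_method"/>
  </component>
</java-components>"""

if __name__ == "__main__":
    for doc in (APP, COMPONENTS):
        for target, groups in audit(doc).items():
            print(target, "->", groups if groups is not None else "NO group-access")
```

An empty list in the report means a group-access element is present but names no groups, which is worth reviewing separately from a missing element.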