Apama 10.15.0 | Building and Using Apama Dashboards | Building Dashboard Clients | Sending Events to Correlators | Send event authorization
 
Send event authorization
By default, any user is authorized to send any event. However you can create a custom event authority that determines whether a given user is authorized to send a given event. An event authority is a Java class that implements the canSend method of the interface com.apama.dashboard.security.IEventAuthority:
boolean canSend (IUserCredentials credentials, Event event);
If canSend() returns true the user is allowed to send the event. If it returns false the user is not allowed to send the event and the attempt to send the event is treated as a command failure. Dashboard object property settings determine if this error is displayed to the user.
The event authority is specified in the EXTENSIONS.ini file in the lib directory of your Apama installation. Here is a portion of EXTENSIONS.ini as shipped:
# List of event authorities. An event authority is called to determine
# if a user has rights to send an event to a correlator. Each must implement
# the interface:
## com.apama.dashboard.security.IEventAuthority
## Multiple authorities can be specified. They will be called in the order
# listed.
## Format:
## eventAuthority <classname>
## NoOpEventAuthority - Allows all users to send events
eventAuthority com.apama.dashboard.security.NoOpEventAuthority
# DenyAllEventAuthority - Allows no users to send events
#eventAuthority com.apama.dashboard.security.DenyAllEventAuthority
# eventAuthority <your_class_name_here>
Two event authorities are provided with your installation:
*com.apama.dashboard.security.NoOpEventAuthority: Permits all users to send any event.
*com.apama.dashboard.security.DenyAllEventAuthority: Denies all users rights to send any event.
NoOpEventAuthority is the default event authority. Use a custom event authority when deploying your Dashboards.
See Deploying and Managing Apama for more information on customizing authorization.