Implementing IScenarioAuthority methods
Below is a description of each IScenarioAuthority method that you must define, including the following:
Signature of the method
When the method is called by the data server
What the method should return
When each method is called depends on whether authorization caching is on — see the -r or --cacheUsers option.
This interface defines the following methods:
public boolean canView (
IUserCredentials credentials,
IScenarioInstance instance
);
canView is called the first time (or, if authorization caching is off, every time) in a data server or display server session that the server sends data from the specified scenario instance or DataView item to an end user with the specified credentials. Your implementation should return true if the user with the specified credentials is authorized to view the specified instance or item; it should return false otherwise.
Note that if caching is off, canView is called very frequently, as specified by the update rate for the data server (see the description of the -u or --updateRate option). If your implementation renders calls to canView expensive, the performance of your dashboard will be significantly affected.
public boolean canEdit (
IUserCredentials credentials,
IScenarioInstance instance
);
canEdit is called the first time (or, if caching is off, every time) a dashboard attempts to edit an instance. Your implementation should return
true if the user with the specified credentials is authorized to edit the specified instance; it should return
false otherwise. Does not apply to DataView items, but see
Send
event authorization.
public boolean canDelete (
IUserCredentials credentials,
IScenarioInstance instance
);
canDelete is called the first time (or, if caching is off, every time) a dashboard attempts to delete an instance. Your implementation should return
true if the user with the specified credentials is authorized to delete the specified instance; it should return
false otherwise. Does not apply to DataView items, but see
Send
event authorization.
public boolean canCreate (
IUserCredentials credentials,
IScenarioDefinition scenario
);
canCreate is called the first time (or, if caching is off, every time) a dashboard attempts to create a Scenario. Your implementation should return
true if the user with the specified credentials is authorized to create an instance of the specified Scenario; it should return
false otherwise. Does not apply to DataView items, but see
Send
event authorization.
Using UserCredential Accessor Methods
Your implementation of IScenarioAuthority will typically use the following public assessor methods of com.apama.dashboard.security.IUserCredentials:
public String getUsername()
public String getPassword()
public Subject getSubject()
Your implementation may also use the following methods of com.apama.services.scenario.IScenarioInstance:
public String getOwner()
public Object getValue(String parameterName)
Compiling Your Scenario Authority
When you compile your implementation of IScenarioAuthority, be sure to put the following jar files on your classpath:
ap-dashboard-client.jar ap-client.jar These jar files are in the lib directory of your Apama installation.