Designing and Implementing Composite Applications : Getting Started with the webMethods Application Platform API : Using the Application Platform API : Adding Single Sign-On Authentication to Application Platform Projects : OSGi Service Layer Security : Declarative Security
Declarative Security
Application Platform enables you to add declarative security to POJOs that are published as OSGi services by using the @Service annotation. To add security to POJOs that are published as OSGi services, you can use the @Secure annotation, together with a set of common Java EE security annotations. Application Platform supports the following common Java EE security annotations, which you can use at the class or method level:
*@DenyAll
*@PermitAll
*@RolesAllowed for My webMethods Server
*@AclAllowed for Integration Server
The following sample codes show an OSGi service implementation of declarative security, where the @Secure annotation indicates that the AdderService service is secure and the invocation of the service methods is denied by default with the @DenyAll annotation. The examples show how you can allow invocation of the add method, as follows:
*By users with Admin or Developer role in My webMethods Server, by using the @RolesAllowed annotation:
@Service
@Secure
@DenyAll
public class AdderService {
 
     @RolesAllowed({"Admin", "Developer"})
     public float add(float x, float y) {
          return x + y;
     }
}
*By users with Developer role in Integration Server, by using the @AclAllowed annotation:
@Service
@Secure
@DenyAll
public class AdderService {
 
     @AclAllowed({"Developer"})
     public float add(float x, float y) {
          return x + y;
     }
}
Copyright © 2017 Software AG, Darmstadt, Germany. (Innovation Release)
Product LogoContact Support   |   Community   |   Feedback