872d958df99893cfaedcb2e2f20b291e96ba0a9a
wiki/usermanagement.md
| ... | ... | @@ -84,6 +84,24 @@ securityManager.cacheManager = $cacheManager |
| 84 | 84 | /YourFantasyURL.html = anyofroles[admin,eventmanager] |
| 85 | 85 | </pre> |
| 86 | 86 | |
| 87 | +In addition to URL-based security that is configured in `shiro.ini`, using bundles can do two more things: |
|
| 88 | + |
|
| 89 | +* Use `SecurityUtils.getSubject()` in server-side code to obtain the current subject on whose behalf the call is being executed. This allows the application to check for roles and permissions, as in |
|
| 90 | + |
|
| 91 | + if (SecurityUtils.getSubject().checkRole("some-role")) { |
|
| 92 | + ... // do something for which the subject must have role "some-role" |
|
| 93 | + } else { |
|
| 94 | + ... // throw some security exception or simply don't carry out the transaction |
|
| 95 | + } |
|
| 96 | + |
|
| 97 | +* Use the `SecurityService` API to store and retrieve data such as preferences or settings and work with the user base, including creating, modifying and deleting user accounts and manipulating their roles. The `SecurityService` registers itself with the OSGi registry upon bundle activation. |
|
| 98 | + |
|
| 99 | + ServiceTracker<SecurityService, SecurityService> tracker = new ServiceTracker<>(context, SecurityService.class, /* customizer */ null); |
|
| 100 | + tracker.open(); |
|
| 101 | + SecurityService securityService = tracker.waitForService(0); |
|
| 102 | + |
|
| 103 | +The security service offers methods such as `addSetting`, `setSetting` and `getSetting` to manage name/value pairs. The settings API is typed in the sense that when registering a setting |
|
| 104 | + |
|
| 87 | 105 | #### com.sap.sse.security.userstore.mongodb |
| 88 | 106 | #### com.sap.sse.security.ui |
| 89 | 107 |