Trace:
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
jvx:server:security:manager [2020/06/15 11:05] cduncan Edited for English grammar (capitalization, punctuation, correct verb conjugation) |
jvx:server:security:manager [2020/07/22 13:07] (current) cduncan errant comma |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ~~Title: Implementing the Security Manager~~ | ~~Title: Implementing the Security Manager~~ | ||
| - | The security manager is used when the client or a user have to be authenticated. In this case, the login data will be transmitted by the client to the server for verification. The server will always delegate the verification of login data to a defined security manager. | + | The security manager is used when the client or a user has to be authenticated. In this case, the login data will be transmitted by the client to the server for verification. The server will always delegate the verification of login data to a defined security manager. |
| - | After successful verification the client can complete the login process. In the case of an error a detailed error message will be shown. | + | After successful verification, the client can complete the login process. In the case of an error, a detailed error message will be shown. |
| Our goal is the implementation and use of a security manager. The valid user/password combinations are shown in a hash table. | Our goal is the implementation and use of a security manager. The valid user/password combinations are shown in a hash table. | ||
| Line 168: | Line 168: | ||
| ''changePassword'' allows a password change. If the change fails or is not required, an exception is thrown. The exception message is translated at the client and displayed to the user if necessary. | ''changePassword'' allows a password change. If the change fails or is not required, an exception is thrown. The exception message is translated at the client and displayed to the user if necessary. | ||
| - | ''logout'' tells the security manager that the session was ended. This is either done manually by the user, or automatically after the expiration of the timeout period. | + | ''logout'' tells the security manager that the session was ended. This is either done manually by the user or automatically after the expiration of the timeout period. |
| ''getAccessController'' limits access to [[jvx:server:lco:lifecycle|Life Cycle Objects]]. This method is called when a master connection is established to control access to sub-connections and sub-sessions. When a sub-connection is established, we can verify if access is allowed using IAccessController.isAllowed. | ''getAccessController'' limits access to [[jvx:server:lco:lifecycle|Life Cycle Objects]]. This method is called when a master connection is established to control access to sub-connections and sub-sessions. When a sub-connection is established, we can verify if access is allowed using IAccessController.isAllowed. | ||