Package com.softwaremining.vendors.cics.security

Interface ISecurityManager

All Known Implementing Classes:
SMSecurityManager
public interface ISecurityManager
This interface outlines the security functions used internally by SoftwareMining CICS Libraries. The Security framework attempts to reproduce facilities provided by CICS RACF.

Alternatively you may provide your own implementation of this Interface by inserting the following property in softwaremining.properties file: 
SECURITY_MANAGER=com.softwaremining.vendors.cics.security.SMSecurityManager
    or
 SECURITY_MANAGER=com.mycompany.MySecurityManager
Note custom implementation (such as MySecurityManager in above example) must implement this interface.

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final String
    DEFAULT_USER
    DEFAULT_USER is used when security-system is switched off

  • Method Summary

    Modifier and Type
    Method
    Description
    void
    authorizeDBAccess(String userId, String tableName, String operation)
    Validate userId has authorization to access table-name.
    boolean
    authorizeLogin(String userId, String password)
    Authorize the Login request
    void
    authorizeTransactionAccess(String userId, String tranId)
    Validate userId has authorization to access/run the tranId.

  • Field Details

    • DEFAULT_USER

      static final String DEFAULT_USER
      DEFAULT_USER is used when security-system is switched off
      See Also:

  • Method Details

    • authorizeTransactionAccess

      void authorizeTransactionAccess(String userId, String tranId) throws NotAuthorizedException
      Validate userId has authorization to access/run the tranId.
      Parameters:
      userId -
      tranId -
      Throws:
      NotAuthorizedException - when user does not have privileges to access this transaction

    • authorizeDBAccess

      void authorizeDBAccess(String userId, String tableName, String operation) throws NotAuthorizedException
      Validate userId has authorization to access table-name.
      Parameters:
      userId -
      tableName -
      operation - - one of "C" (Create/ write / insert), "R" (read) , "U" (update) , "D" (delete)
      Throws:
      NotAuthorizedException - when user does not have privileges to access this table

    • authorizeLogin

      boolean authorizeLogin(String userId, String password)
      Authorize the Login request
      Parameters:
      userId -
      password -
      Returns: