Security Data Sources

Top  Previous  Next

mor.Security component provides data sources that contain information about current user, active users, system users, system roles & checkpoints etc.

The data source configuration definitions are located in mor.security.config.xml file under WEB-INF/MM-INF/config directory. The definitions in this file are made assuming the security domain of the application is "main".

If you need to use another security domain name other than "main" then you have to introduce new definition for that domain. In case the new security domain name is "newdom" then new data source definitions must be done as follows.

  <dataSource name="mor_security_userinfo_newdom" basedon="mor_security_userinfo">

    <secdom>newdom</secdom>
  </dataSource>

 

The Security Data Sources

mor_security_userinfo

mor_security_userlist

mor_security_rolelist

mor_security_checkpointlist

mor_security_details

mor_security_activeuserlist

mor_security_messages

 

 

mor_security_userinfo

Contains information about the current user.

  <mor_security_userinfo_main>
 
    <!-- The id of the user that is assigned by the persistency system -->
    <id>238748</id> 
 
    <!-- The name of the user which is unique in the sub-domain (if available) or in the domain -->    
    <username>john</username>
 
    <!-- The E-mail address of the user that is unique in the domain -->    
    <email>john.doe@hiscompany.com</email
 
    <!-- The full name of the user -->
    <fullname>John Doe</fullname>
 
    <!-- Contains the name of the sub-domain (if available) -->
    <subdomain></subdomain>
 
    <!-- Contains true if the user is currently logged in to the domain  -->    
    <loggedin>true</loggedin>
 
    <!-- The last time the user information is modified -->
    <lmodified>27364827364</lmodified>
 
    <!-- Contains the last login time of the user as integer  -->
    <signedIn>23874682374</signedIn>
 
    <!-- Contains the last access time of the user to any page of the application as integer  -->
    <lastAccess>123827367236</lastAccess>
 
    <!-- Custom Attributes -->
    <DEPT>VE-115</DEPT>
    <LOCATION>B-BLOCK</LOCATION>
 
    <checkpoints>
      <!-- Checkpoints owned by the user
           For each checkpoint-authority a sub node under this node will exist. -->
      <CAN_DO_THIS/>
      <CAN_DO_THAT/>
    </checkpoints>
 
  </mor_security_userinfo_main>

 

mor_security_userlist

Lists the defined users of the security domain.

  <mor_security_userlist_main>
    <item>
      <id>238748</id> 
      <username>john</username>
      <email>john.doe@hiscompany.com</email
      <fullname>John Doe</fullname>
      <disabled>false</disabled>
      <DEPT>VE-115</DEPT>
      <LOCATION>B-BLOCK</LOCATION>
    </item>
    <item>
      <username>jody</username>
      ...
    </item>
  </mor_security_userlist_main>  

The data service class of this data source can filter the list if a search criteria session ADOM with name "mor_security_searchcriteria_domainName" is provided. The _criteria sub-node of the ADOM should contain the search criteria in field=value[;field=value] form as follows.

The following search criteria will filter the users whose name include "john".

  <mor_security_searchcriteria_main>
    <_criteria>name=john;<_criteria>
  </mor_security_searchcriteria_main>  

The following search criteria will filter the disabled users of department "VE-115".

  <mor_security_searchcriteria_main>
    <_criteria>DEPT=VE-115;disabled=true<_criteria>
  </mor_security_searchcriteria_main>  

 

 

mor_security_rolelist

Lists the defined roles of the security domain

  <mor_security_rolelist_main>
    <item>
      <id>38247638</id><!-- The id of the role that is assigned by the persistency system -->
      <name>MANAGER</name><!-- The name of the role -->
      <desc>MANAGER Role</desc><!-- The description of the role -->
    </item>
    <item>
      <id>236754726</id>
      <name>OPERATOR</name>
      <desc>OPERATOR Role</desc>
    </item>
  </mor_security_rolelist_main>  

 

mor_security_checkpointlist

Lists the defined checkpoints of the security domain.

  <mor_security_checkpointlist_main>
    <item>
      <id>235462354</id><!-- The id of the checkpoint that is assigned by the persistency system -->
      <name>CAN_DO_THIS</name><!-- The name of the checkpoint -->
      <desc>CAN_DO_THIS Checkpoint</desc><!-- The description of the checkpoint -->
    </item>
    <item>
      <id>7364565</id>
      <name>CAN_DO_THAT</name>
      <desc>CAN_DO_THAT Checkpoint</desc>
    </item>
  </mor_security_checkpointlist_main>  

 

mor_security_details

Provides the details of the specified user, role or checkpoint.
 

User Details
 
If the request contains a parameter called username then this data source provides the details of the specified user.

display.doms?pg=pageX&username=john

  <mor_security_details_main>
    <id>837462</id>
    <username>john</username>
    <fullname>John Doe</fullname>
    <email>john.doe@hiscompany.com</email
    <disabled>false</disabled>
    <DEPT>VE-115</DEPT>
    <LOCATION>B-BLOCK</LOCATION>
  </mor_security_details_main>

 

Role Details
 
If the request contains a parameter called rolename then this data source provides the details of the specified role.

display.doms?pg=pageY&rolename=MANAGER

 <mor_security_details_main>
    <id>23423</id>
    <name>MANAGER</name>
    <desc>MANAGER Role</desc>
    <checkpoints> 
      <!-- The checkpoint-authorities owned by the role -->
      <CAN_DO_THIS/>
      <CAN_DO_THAT/>
    </checkpoints>
  </mor_security_details_main>

 

CheckPoint Details
 
If the request contains a parameter called cpname then this data source provides the details of the specified checkpoint.

display.doms?pg=pageZ&cpname=CAN_DO_THIS

  <mor_security_details_main>
    <id>8237482</id>
    <name>CAN_DO_THIS</name>
    <desc>CAN_DO_THIS CheckPoint</desc>
  </mor_security_details_main>  

 

mor_security_activeusers

Lists the users currently logged in to the security domain.
 

  <mor_security_activeusers_main>
    <item>
      <username>john</username>
      <subdomain></subdomain>
      <signedIn>23874682374</signedIn>
      <lastAccess>123827367236</lastAccess>
 
      <!-- Available in Full Details Mode -->
      <id>238748</id> 
      <email>john.doe@hiscompany.com</email
      <fullname>John Doe</fullname>
      <disabled>true</disabled>
      <DEPT>VE-115</DEPT>
      <LOCATION>B-BLOCK</LOCATION>
    </item>
    <item>
      <username>jody</username>
      ...
    </item>
  </mor_security_activeusers_main>

The data source parameters

mor_security_activeusers data source is configured as follows.

  <dataSource name="mor_security_activeusers_main" basedon="mor_security_activeusers">
    <FullDetails>false</FullDetails>
    <SubDomain></SubDomain>
  </dataSource>

It is possible to change this configuration in mor.security.config.xml file or to create another one based mor_security_activeusers configuration to request the full details or to filter the users on a sub-domain basis.

 

 

mor_security_messages

Contains the error messages from the Security Component classes
 

  <mor_security_messages>
    <message id="PASSWORDS_DO_NOT_MATCH">
      <secdom>main</secdom>
      <text>Passwords do not match</text>
      <details></details>
    </message>
  </mor_security_messages>