Pluggable Security Module

From ZKDesktop

Jump to: navigation, search

Access to ZK Desktop (ZKD) applications is controlled through a pluggable security module known as the keymaster. The keymaster is implemented as a Java class and dynamically loaded into the ZKD based on the keymaster configuration value stored in the zkdesktop.xml file. Using a pluggable authentication system allows easy updates to be made to the ZKD security system without needing to alter any ZKD or ZKD application code.

To implement a keymaster, you must provide a class that implements the zkdesktop.KeyMasterInterface. This interface consists of the following methods:

  • public boolean startup(String webRoot)
Initializes the keymaster class and prepares it for use. Use this routine to do any startup your class needs to perform authentications (connect to web services, databases, etc.) instead of using the class constructor. webRoot is the path to the root folder of the web application, should you need it. Return true if startup is successful, false if it fails.
  • public String getDefaultUser()
Returns the username of the "default" user. The default user is used for authentication requests when no other user name is provided. Use this when using Integrated Windows Security, Basic Authentication or other authentication schemes where the user name is provided for you.
  • public boolean checkKeyRing(String userName, String forKey)
Authenticate a key against the security source. The key names match the lock names specified in the individual ZKD application package description files. You are responsible for performing any needed translation of these names to your own security standards. Return true if the user is allowed to use the requested resource, false if not. On an error condition, return false.
Retrieved from "http://zkdesktop.sourceforge.net/wiki/index.php/Pluggable_Security_Module"
Personal tools