Coherence Security Examples

Skip to end of metadata
Go to start of metadata

The "Coherence Security Examples"

Is a collection of examples that show how to use the security features of Coherence in order to provide access control.
These examples are simplified to show only the security features of Coherence. They are not examples of security best practices:

This Example Set

  • Gets a cache reference that requires a password.
  • Attempts cache and invocation service operations that require different roles.

Running the Example Set

First, review the following information:

  1. How to Build the Examples
  2. How to Run the Examples


Second, review the information on the Driver implementation found here:

The Driver

Has a static main method that executes all the security examples in the following order:

  • PasswordExample
  • AccessControlExample.accessCache()
  • AccessControlExample.accessInvocationService()

Is implemented in each of the three programming languages supported by Coherence:

Language Implementation Class
Java com.tangosol.examples.security.Driver in java/src
.NET Driver in namespace Tangosol.Examples.Security in dotnet/src/security
CPP Driver in namespace coherence::examples in cpp/security
Please refer to this example set's example source for more details on each of the examples outlined below.

Password Example

This example shows how a Coherence Proxy can require a password to get a reference to a cache.

The example Output:


------password example begins------
------password example succeeded------
------password example completed------

Access Control Example

This example shows simplified role based access control.

The example Output:


------cache access control example begins------
    Success: read and write allowed
    Success: read allowed
    Success: Correctly cannot write
    Success: Correctly cannot destroy the cache
    Success: Correctly allowed to destroy the cache
------cache access control example completed------
------InvocationService access control example begins------
    Success: Correctly allowed to use the invocation service
    Success: Correctly unable to use the invocation service
------InvocationService access control example completed------

Password Identity Transformer

This example shows how an IdentityTransformer produces a security token from an identity.

Password Identity Asserter

This example shows how an IdentityAsserter validates a security token and produces a Subject from a list of principal names.

Entitled Cache Service

This example shows how a remote cache service can be wrapped to provide access control.

Entitled Invocation Service

This example shows how a remote invocation service can be wrapped to provide access control.

Entitled Named Cache

This example shows how a remote named cache can be wrapped to provide access control.

Labels:
None
Enter labels to add to this page:
Please wait 
Looking for a label? Just start typing.