As described in How to model Actors / Roles JEAF supports to define roles and authorizations based on the UML model.
The diagram above shows the output that is generated by JEAF Generator based on Roles (stereotype «JEAF Actor»
) and services (stereotype «JEAFService»
). JEAF Generator will take that as input and will write a resource file named AuthorizationData.xml
to res-gen
. This resource file will contain a so called authorization type for every operation of every JEAF Service. For every actor so called roles will be generated. These roles will reference authorization types based on the information that are defined in the UML model. If an actor has a dependency to a whole service then this means that users with this role are allowed to call all the methods of the service. If an actor references a single operation of a service then he only has access to this operation.
The role and authorizations that are defined in the generated file can be used by JEAF Security to ensure security at runtime.
For further information please also refer to: