Release 2.x‎ > ‎Install - Reference‎ > ‎Config Ref Guide‎ > ‎Security‎ > ‎Deciders‎ > ‎

Decider

A Decider is responsible for accepting inputs, applying "some logic" to determine if a Request should or should not be allowed, and returning an "effect".  The "effect" is either "allow" or "deny".  The Enforcer "calls" a Decider and is expected to honor the "effect" of the Decider.  The Decider is part of the Authorization mechanism. Users of a Decider (and Policies) can include: 

  • ServletFilter
  • Engine
  • Representation

The default OpenPTK decider is BasicDecider.  BasicDecider is an OpenPTK internal authorization mechanism that implements the DeciderIF interface.  Examples of other external deciders could be one that leverages OAuth or Oracle's Entitlements Server.

Syntax

<Decider id="internal">
    <Properties>
        <Property name="decider.classname"
                  value="org.openptk.authorize.decider.BasicDecider"/>
       </Properties>
</Decider>


Arguments

NameRequiredDescriptionExample
idYesA unique identifier for a given Decider.id="internal"


Properties

NameRequiredDescriptionExample
decider.classnameYesA fully qualified Java classname that implements the Decider Interfaceorg.openptk.authorize.decider.BasicDecider


XML Sub-Elements