A Decider is responsible for accepting inputs, applying "some logic" to determine if a Request should or should not be allowed, and returning an "effect". The "effect" is either "allow" or "deny". The Enforcer "calls" a Decider and is expected to honor the "effect" of the Decider. The Decider is part of the Authorization mechanism. Users of a Decider (and Policies) can include: - ServletFilter
- Engine
- Representation
The default OpenPTK decider is BasicDecider. BasicDecider is an OpenPTK internal authorization mechanism that implements the DeciderIF interface. Examples of other external deciders could be one that leverages OAuth or Oracle's Entitlements Server. Syntax<Decider id="internal">
<Properties>
<Property name="decider.classname" value="org.openptk.authorize.decider.BasicDecider"/>
</Properties>
</Decider>
ArgumentsName | Required | Description | Example |
---|
id | Yes | A unique identifier for a given Decider. | id="internal" |
PropertiesName | Required | Description | Example |
---|
decider.classname | Yes | A fully qualified Java classname that implements the Decider Interface | org.openptk.authorize.decider.BasicDecider |
|