The
Security Service Development API 
Purpose
The SAP J2EE Engine Security Provider Service provides a public API, which enables you to use security enhancements in your applications.
The com.sap.engine.interfaces.security package provides the following interfaces:
|
Interface Name |
Description |
|
SecurityContext |
This interface is the root context for security on the SAP J2EE Engine. |
|
AuthenticationContext |
This interface provides the context of the SAP J2EE Engine, or a deployed instance of a component that provides access to the configuration of login modules and user store target. The user management is performed using the setAuthenticationUserStore(UserStore) method that sets the user store configuration. The method changes the target user store for a specified component, or the active user store for the whole SAP J2EE Engine. For more information about the authentication, see Authentication for Web Applications Users on the SAP J2EE Engine. |
|
AuthorizationContext |
This interface provides the context of J2EE Engine, or a deployed instance of a component that enables access to controls over security sensitive resources. |
|
CryptographyContext |
This interface provides the context of the SAP J2EE Engine, or a deployed instance of a component. The interface provides access to the cryptography modules configured for it. |
|
ModificationContext |
This interface provides the context used to bundle modification operations over a security context. |
|
ProtectionDomainContext |
This interface provides the context that provides the functionality targeted at protection domains. For more information about the protection domains concept, see Protection Domains. |
|
ResourceContext |
This interface provides the context targeted at managing resources defined in the server. |
|
SecurityContextObject |
This interface provides the security context attached to the thread that has identifier security. It can be accessed as the ContextObject in the ThreadContext object as “ security ”. |
|
SecurityModificationContextObject |
This interface provides the context attached to the thread with identifier " security_modification". It is accessible as ContextObject in the ThreadContext object under " security_modification". |
|
SecurityRole |
This interface provides for the management of the security roles on the SAP J2EE Engine. When you refer to this interface and want to manage a specified security role, the interface returns an instance of the next interface SecurityRoleContext, which enables you to perform the management of the specified security role. For more information about the security roles concept, see J2EE Engine Security Roles. |
|
SecurityRoleContext |
The interface provides the context for the management of security roles. |
|
This interface provides information about the security session. The session contains information about the caller user and information about the environment where the user authentication is valid.
The security sessions on the SAP J2EE Engine can be accessed in different ways. For more information about how to do this, see Obtaining the Current Security Session ID. |
|
|
SessionListener |
This interface allows for the development of listeners to react on events when a security session is closed. |
|
RemoteSecurity |
This interface enables you to perform remote lookup of the Security Provider Service interfaces. |
· For more information about the interfaces provided, see the Security Provider Service API.
· For more information about securing Web Applications on J2EE Engine, see J2EE Web Applications Security.
· For more information about the authentication via HTTP, see Login Modules Over HTTP.