Using Acegi to protect Java applications, part 3rd: Implementing access Control for Java objects

Using method-based security to protect Java class instances

This three-part series describes how to use the Acegi security system to protect Java enterprise applications. The 1th installment of the series describes Acegi and explains how to implement a simple, URL-based security system with its built-in security filters. Part 2nd describes how to write access control policies and save them to an LDAP directory server, and how to configure Acegi to interact with the directory server to implement access control policies. Part 3rd (also the last article in this series) demonstrates how to use Acegi to protect access to instances of Java classes in an enterprise application.

First I'll explain when you need to protect Java class access, including the two typical enterprise application scenarios referenced in this article. After that, I'll explain how Spring's reverse control (IOC) framework creates instances of Java classes that can be accessed from a JSP or servlet. I'll also introduce important concepts about the bean agent that Spring uses to filter access to Java classes. Finally, I'll explain how to configure the Acegi method security interceptor to control access to Java classes. I'll end the last article in this series by enhancing the sample programs in part 2nd to support the implementation of secure Java objects.

Because the discussion in this article is built on the first two parts of the series, the discussions and examples in parts 1th and 2nd are often referred to. Therefore, before you continue reading this article, opening the first two articles in another browser window will help you understand this article.

Use cases to protect Java classes

As you may recall, I had a brief introduction to enterprise application Security at the beginning of this series. In that discussion I mentioned a scenario where URL security does not fully meet the security requirements of this scenario:

Suppose you have a PDF document that contains data for a particular product produced by a manufacturing company. Part of the document contains design data that will be edited and updated by the Corporate design section. The other part of the document contains the production data that the production manager will use. For such scenarios, you need to implement more granular security and apply different access rights to different parts of the document.

Before you continue reading, consider more application scenarios that require you to protect separate class access in addition to implementing URL security.

Business Automation

Workflows in business automation applications consist of multiple processes. For example, a workflow that performs blood tests in a pathology lab consists of several steps, each of which can be considered as a business process:

The worker collects blood samples from the patient and assigns them an ID.

The lab technicians perform the necessary tests on the samples and prepare the test results.

Prepare the test report according to the test result by the pathologist with appropriate qualifications.

Obviously, each process is performed by a separate authorized user. Unauthorized users are not authorized to execute the process. For example, laboratory researchers are only responsible for preparing test results and not having permission to write test reports.

Almost all business automation applications generally use authorized business processes. Typically, each business process is implemented as a Java class, and all classes need to be protected with appropriate access control policies.

Enterprise to Enterprise (business-to-business) integration

Business-to-business (business-to-business) integration refers to a common scenario in which two enterprise entities need each other to expose their specific features. For example, a hotel may disclose its room reservation function to a travel company, which uses the feature to book a free room for visitors. Travel companies as partners may have a specific rate of booking. In this scenario, the hotel's booking system must first authenticate the travel companies before allowing them access to the selected classes to make room bookings at a specific rate.