Geomajas Community Documentation

8.3. SecurityManager service

The security manager manages the (thread-local) security context. It delegates to the available security services to build the authentication objects and get the user information which is then stored in the in the security context. The security services themselves will check with the authentication server or service whether the token is still valid, and will get the policies from a policy server or service to populate the authentication objects with the credentials.

Security architecture

Figure 8.1. Security architecture


The SecurityManager service has the following methods:

  • boolean createSecurityContext(String authenticationToken) : create the security context for this thread, based on the authentication token.

  • void clearSecurityContext() : clear the security context for this thread.