PROBLEM
Authentication is used to determine the identity of the user; however, identifying the user isn't the only aspect of security. There needs to be a strategy for verifying that the user is authorized to access an application or perform a specific application function.
SOLUTION
Another aspect of security is authorization. Authorization is the process of verifying that an authenticated user has the authority to perform certain functions. Skyway supports role-based authorization: an authenticated user has a set of roles that define which functions the user may perform. In Skyway, the application is responsible for authorizing. The alternative would be for the developer to declaratively designate which roles can invoke certain operations. Letting the application authorize provides the maximum flexibility, since a function often may not coincide with an operation. To support this kind of authorization model, Skyway Builder provides the following functions that are callable from the Variable Editor step and Groovy step:
Authorization Functions
currentUser() - returns the name of the user currently authenticated, if any
isAuthenticated() - returns whether a user is currently authenticated
isInRole() - returns whether the user currently authenticated, if any, has the given role
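The following Groovy sketch is an added example, not code from Skyway. It shows application-side authorization built on these three functions, with application functions mapped to roles and everything else denied by default. The three closures are stand-ins so the script runs outside Skyway Builder; the String argument to isInRole(), the role names and the function names are assumptions.

```groovy
// Stand-ins for the Skyway-provided functions so this runs outside Skyway Builder.
// In a Groovy step they would be supplied by Skyway; the String argument to
// isInRole() is an assumption.
def session = [user: 'asmith', roles: ['CLERK'] as Set]   // constructed sample session

def currentUser     = { -> session?.user }
def isAuthenticated = { -> session?.user != null }
def isInRole        = { String role -> isAuthenticated() && role in session.roles }

// Application functions mapped to the roles allowed to perform them
// (hypothetical names). Several functions can sit behind one operation,
// which is why the check lives in the application.
def requiredRoles = [
    'order.view'   : ['CLERK', 'MANAGER'],
    'order.approve': ['MANAGER'],
]

// Deny by default: unauthenticated users, unmapped functions and
// missing roles all result in false.
def authorize = { String function ->
    if (!isAuthenticated()) return false
    def roles = requiredRoles[function]
    if (!roles) return false
    roles.any { isInRole(it) }
}

assert authorize('order.view')        // CLERK may view
assert !authorize('order.approve')    // CLERK may not approve
assert !authorize('order.delete')     // unmapped function is denied

session = null                        // simulate no authenticated user
assert currentUser() == null
assert !authorize('order.view')
```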
HOW IT WORKS
RELATED RECIPES