Overview
This service is used for authentication and authorization within the application. It is also responsible for user management and leverages a "security handler" configured via the config.properties file. The development environment uses a form of "default" security with fake users, and the production deployment uses "IMS" security with integrations to IHTSDO Identitiy Management Service.
Internal API - SecurityServiceJpa
Lower level calls of the internal API include:
- Authenticate
- Logout
- Add/update/remove/get/find user(s)
- Add/update/remove user preferences
- Get an application role for a token
- Find a username for a token
REST API - SecurityServiceRest
The public facing methods of the security service include:
- Authenticate
- Logout
- Add/update/remove/get/find user(s)
- Add/update/remove user preferences
- Get application roles (for a client UI picklist)
References/Links
- n/a