This page describes the details of the security implementation in WebAPI.
(Please provide the following details):
What library/framework is used to provide the security features? (This can be a copy-paste from the Shiro project page, with a link to the actual site's documentation.)
What's the difference between resource-oriented and role-oriented security?
Please list the new tables introduced to support the security layer, and provide a short description of each table.
How is a new user added to the system so that permissions can be granted to them?
How are the default permissions assigned? For example: when a new user appears in the system, what are the default permissions?
For a developer adding a new service endpoint, what annotations/configuration changes must be applied to restrict access to the endpoint based on a role or resource identifier?
Please list any frequently made configuration or environment mistakes that a site owner might run into when first setting up the security layer (a sort of troubleshooting FAQ).