Attribution

The attribution capabilities provide attribute information for attributed objects within the security system and provide lists of objects.

The attribution capabilities are classified as those that perform one or both of the following tasks: Attributed objects are represented by the com.sybase.provider.Attributed interface, which is sub-classed by several core interfaces such as SecSubject and SecResource.
In general, attributed objects may have zero or more attributes assigned to them represented by string keys. Each of these keys may have zero or more string values associated with it. Example attributes for a subject may be first name and e-mail address. Each attribution provider defines their own list of attributes, keys, and values. Some standard attributes that all attribution providers should support, if relevant, are: These map cleanly to extra fields in named objects.

Not all provider sets include an attribution provider. For example HttpAuthetnicationLoginModule and NTProxyAuthLoginModule do not have a corresponding attributer. In SAP Mobile Platform, the attributer is the key interface for making changes to the back-end security system. The attributer is typically used for listing resources and roles in the back-end. For example LDAPAttributer is used to list the roles defined in the LDAP server. Using the attributer, you can implement self-registration to create a user account in the back-end security configuration or to change a password.

The attribution provider interface is defined by the com.sybase.security.provider.Attributer interface. The attribution providers have the same life-cycle methods as the authorization providers. The same rules should be followed with respect to thread safety. All of the attribution provider methods include a context map which can be used to store state information associated with a security context.

Parent topic: SAP Mobile Platform Security Framework