The role service must be a stateless component that implements the CtsSecurity::RoleService IDL interface:
interface RoleService {
boolean isMember(
in CtsSecurity::SessionInfo sessionInfo,
in string role);
};
isMember checks if the authenticated client is a member of the role. The client’s credentials are obtained from sessionInfo. The server first checks if the role is defined in the repository. If the role is defined, then membership checks are performed. If the role is not defined, the server assumes that the user is not a member of the role, and the role service is invoked. The result from this method is cached by the server, where it can be referenced for the same client/role combination, provided the internal cache has the relevant information.
For more information, see the generated CtsSecurity::RoleService IDL interface documentation.
