[This is preliminary documentation and is subject to change.]
Defines fundamental security types like users and permissions
Classes
| Class | Description | |
|---|---|---|
| AccessLevel | A level of access granted to a user for a certain permission, e.g. if (level.Denied)... | |
| AdHocPermission | Represents a permission check instance which is atypical and is based on string arguments | |
| AuthorizationException | Base exception thrown by the security framework | |
| BlankCredentials | Represents credentials that are absent. This is a singleton class | |
| ConfigSecurityManager | Provides security manager implementation that authenticates and authorizes users from configuration | |
| Credentials | User credentials base class. Credentials may be as simple as user+password, access card codes, door key, Twitter account token, etc. | |
| DefaultPasswordManager | Provides default implementation for password management functionality based on injectable algorithms and default password strength calculation | |
| GDIDCredentials | Represents credentials based on Global Distributed ID | |
| HashedPassword | Represents an abstraction of a hashed password; the concrete password algorithm provides the implementation (e.g. byte buffer, dictionary, string) | |
| IDPasswordCredentials | Represents simple ID/password textual credentials. Note: The password is stored as plain text | |
| MD5PasswordHashingAlgorithm | | |
| NOPSecurityManager | Provides security manager implementation that does nothing and always returns fake user instance | |
| PasswordHashingAlgorithm | Represents an abstraction of password algorithm that performs hashing and verification of passwords supplied as SecureBuffer | |
| PasswordHashingAlgorithm TOptions | | |
| PasswordRepresentation | Provides password representation content, e.g. an image with drawn password which is understandable by humans | |
| Permission | Represents a general permission abstraction, where the permission type represents the path/name of the permission in the User's rights and the .ctor takes specific parameters to check while authorizing the user. A Permission-derived class represents a certain permission type, whereas its instance is a check for a particular desired level. To authorize certain actions, one creates an instance of a Permission-derived class, passing the required access levels into its .ctor, then calls a Check() method that returns true if the action is authorized. This scheme provides a great deal of flexibility, e.g. for very complex security cases developers may inherit leaf-level permissions from intermediate ones that have logic tied to session-level variables; this way a user's access may vary by permission/session state, e.g. a user may have "Patient.Master" level 4 access in database "A", while having access denied to the same named permission in database "B". The user's database, or system instance, is a flag in the user-session context | |
| Rights | User rights contain data about access levels to permissions in the system. Uses Configuration internally to keep the data organized in a hierarchical navigable structure. Configuration also allows cross-linking permission levels using vars and making the access level dependent on settings on a particular machine using environmental vars | |
| SecureBuffer | | |
| SecurityException | Base exception thrown by the Security framework | |
| SocialNetTokenCredentials | Represents credentials supplied from/to Social Net site (e.g. Facebook, Twitter etc.) | |
| TypedPermission | A general ancestor for all typed permissions - the ones declared in code | |
| User | Provides base user functionality. Particular security manager implementations may return users derived from this class | |
Structures
| Structure | Description | |
|---|---|---|
| AuthenticationToken | Represents security provider-internal ID that SecurityManager assigns into User object on authentication. These tokens can be used in place of Credentials to re-authenticate users or to requery user rights. External parties should never be supplied with this struct as it is backend-internal | |
| MD5PasswordHashingOptions | | |
Interfaces
| Interface | Description | |
|---|---|---|
| IPasswordHashingOptions | | |
| IPasswordManager | Denotes an entity that manages passwords, such as: computes and verifies hash tokens and provides password strength verification | |
| IPasswordManagerImplementation | | |
| ISecurityException | Marker interface for security exceptions | |
| ISecurityManager | Represents an entity that performs user authentication based on passed credentials and other security-related global tasks | |
| ISecurityManagerImplementation | Represents an implementation of an entity that performs user authentication based on passed credentials and other security-related global tasks | |
| IStringRepresentableCredentials | Denotes credentials that can be represented as a string that can be used, for example, in an Authorization header | |
Delegates
| Delegate | Description | |
|---|---|---|
| GetSessionFunc | Invoked by permission checker to get session | |
Enumerations
| Enumeration | Description | |
|---|---|---|
| PasswordFamily | Denotes kinds of passwords, e.g.: text that the user types on login, short PIN, geometrical curve that users need to trace with their finger, select areas of picture | |
| PasswordRepresentationType | Flags denote types of password representation: Text/Image/Audio | |
| PasswordStrengthLevel | | |
| UserStatus | User status enumeration - super-permission levels | |