Security Manager class summary

This topic summarizes the Security Manager class.

An MDEX Security Manager is any concrete class that implements the com.endeca.portal.data.security.MDEXSecurityManager.

Abstract base class com.endeca.portal.data.security.MDEXSecurityManager
Default implementation class com.endeca.portal.data.DefaultMDEXSecurityManager
Description Handles pre-execution query modification based on the user, role, or group-based security configuration of filters.
Default implementation behavior The default Security Manager implementation makes use of the securityEnabled, securityFilters, rolePermissions, inheritSecurity, and parentDataSource properties. These properties are defined in data source configurations in order to apply role-based security filters to every query issued to the MDEX Engine backing a given data source. Users are assigned to Liferay roles in the Control Panel, and the related associations are made available to every portlet through the user's session. The Security Manager is responsible for maintaining an internal map of security filters for each data source that should always be applied to queries issued for that user's session.
Note: Record filters are the only supported type of securityFilter.
Note: securityEnabled defaults to false if the value is not present.
Note: inheritSecurity defaults to true if the data source has a parent, and defaults to false if not.