brief introduction to module usage

Here you can find a snippet on how to configure your Maven pom.xml to correctly produce the necessary instrumentation and packaging for both loadtime and precompiled instrumentation approaches.

Quick Start

explain how to configure the module

Basic Concepts

explain how to correctly use those entities

Group

Groups are used to collect users in a single manageable unit and thus allowing to grant or remove a certain role to a set of users through one single operation. Please don't confuse groups with roles as the former are merely a set of users while the latter describe a kind of user. To better explain manager is a role while users allowed to manage the system can be a group, which is an option to simplify management and not a requisite.

Role

Roles describe an impersonal figure or business function for the system. Typical roles are administrator, manager, user and guest, but more complex structures are allowed. Roles typically have singular names as they do not collect users (as sometimes we can erroneusly think) but instead they aggregates privileges. With this in mind we can describe roles as sets of privileges. To clarify with an example: the system manager is someone (or something!) who is allowed to access management functions and resources. All users we bind to the manager role will be granted such privileges. As roles are not expected to vary very often and usually such variations require coding we decide to put roles definition into an XML configuration file.

User

Users are what you expect they are: description of an external entity accessing your application. Users can be human beings or computer machines and they both need to authenticate on the system using the process you prefer. Whenever an external entity access your system not authenticating itself we identify it as a guest, a special user used exclusively for this purpose.

Scope

....

Features vs Properties

distinguish between features (contains inherited) and properties (doesn't contains inherited)

Advanced Topics

explain how to customize handlers to verify your own constraints