The getSecurityRole() method is used during authorization to determine the security role associated with the external user. The security roles used for external users are configured in the same way as the security roles for internal users.
/** * The implementation of this method should return the security * role associated with the external user for authorization * purposes. If the user does not exist null should be * returned. * * @param identifier The identifier of the external user. * * @return The security role for authorization. * * @throws AppException Generic Exception Signature. * @throws InformationalException Generic Exception Signature. */ String getSecurityRole(String identifier) throws AppException, InformationalException;
The SDEJ will invoke an implementation of this method during the authorization process if the user does not exist in the security cache. Only internal users can exist in the security cache. This means that the identifiers used to identify external users must be unique and not conflict with usernames setup for internal users, unless the custom UserScope interface as described in User Scope , is implemented. Otherwise, if any usernames conflict the access rights assigned to the internal user will also be used for the external user.
If a role cannot be determined for the external user, null must be returned so that the SDEJ can report the authorization error correctly.