Seraph Concepts

Seraph is based around a number of core elements, all of which are pluggable in the framework.

Concept Description
Security Service

A security service calculates the roles required to process a particular request.

See the Services doc for more information.

Interceptor

Interceptors allow you to run code before/after security events (such as login or logout). Under the Servlet specification this is impossible to do.

It's useful for doing things like running code after a user logs in (ie date of last login), cleaning up resources when a user logs out, or tracking the number of failed authentication attempts against a particular user.

Authenticator An Authenticator authenticates a user against a backend user system.
Controller The controller governs whether security is enabled or disabled globally.
Role Mapper This maps broad security roles against the security in your application, eg groups or application-specific permissions. See the RoleMapper interface for details.