Seraph is based around a number of core elements, all of which are pluggable in the framework.
| Concept | Description |
|---|---|
| Security Service | A security service calculates the roles required to process a particular request. See the Services doc for more information. |
| Interceptor | Interceptors allow you to run code before/after security events (such as login or logout). Under the Servlet specification this is impossible to do. It's useful for doing things like running code after a user logs in (ie date of last login), cleaning up resources when a user logs out, or tracking the number of failed authentication attempts against a particular user. |
| Authenticator | An Authenticator authenticates a user against a backend user system. |
| Controller | The controller governs whether security is enabled or disabled globally. |
| Role Mapper | This maps broad security roles against the security in your application, eg groups or application-specific permissions. See the RoleMapper interface for details. |