Security services in Seraph determine the roles required for any given request.
There are two security services bundled with Seraph - the Path service and the WebWork service.
Security services can use any meta-data associated with the incoming request, so other examples of services could be an IPService (to authenticate users based on IP) or a KeyService (to authenticate users based on their security keys).
The Path Service secures particular URL paths. It allows for extremely flexible path
lookups (ie /admin/*, /admin/Setup*, /admin/Setup*Foo etc) and is configured via it's own XML
configuration file, named seraph-paths.xml.
The Path service is configured in security-config.xml as follows:
<service class="com.atlassian.seraph.service.PathService"> <init-param> <param-name>config.file</param-name> <param-value>/seraph-paths.xml</param-value> </init-param> </service>
<seraph-paths> <!-- You can configure any number of path elements --> <path name="admin"> <url-pattern>/admin/*</url-pattern> <role-name>myapp-administrators, myapp-owners</role-name> </path> </seraph-paths>
The WebWork Service secures WebWork 1 actions. You must use actions.xml to configure your
actions, and then just add a "roles-required" attribute to each action or command element.
Here is a snippet of actions.xml showing the roles-required attribute:
<action name="project.AddProject" roles-required="admin"> <view name="input">/secure/admin/views/addproject.jsp</view> </action>