/
Security Service

Security Service

2016-May-11

Overview

This service is used for authentication and authorization within the application.  It is also responsible for user management and leverages a "security handler" configured via the config.properties file.  The development environment uses a form of "default" security with fake users, and the production deployment uses "IMS" security with integrations to IHTSDO Identitiy Management Service.

Internal API - SecurityServiceJpa

Lower level calls of the internal API include:

  • Authenticate

  • Logout

  • Add/update/remove/get/find user(s)

  • Add/update/remove user preferences

  • Get an application role for a token

  • Find a username for a token

REST API - SecurityServiceRest

The public facing methods of the security service include:

  • Authenticate

  • Logout

  • Add/update/remove/get/find user(s)

  • Add/update/remove user preferences

  • Get application roles (for a client UI picklist)

 

References/Links

  • n/a

 

 

Copyright © 2025, SNOMED International