Interface SecurityPolicy

All Known Implementing Classes:
DefaultSecurityPolicy

public interface SecurityPolicy

A SecurityPolicy defines the broad authorization constraints that must be enforced by a BayeuxServer.

The usage of SecurityPolicy has been mostly replaced by the usage of the more flexible Authorizer for creation of channels, subscription to channels and publish to channels. SecurityPolicy is still the central authorization component for handshakes.

A BayeuxServer may deny the handshake from clients that do not have proper authentication credentials, or may deny clients to publish on reserved channels and so on; all these activities are controlled by the SecurityPolicy implementation installed on the BayeuxServer via BayeuxServer.setSecurityPolicy(SecurityPolicy).

See Also: