This topic discusses the authorization example provided in the product under templates/security using XmlAuthorization.java, XmlErrorHandler.java, and authz6_0.dtd.
XmlAuthorization provides authorization for each region at the operation level by using the permissions specified in an XML file. The sample implementation also shows the post-authorization implementation for the function execution operation. For pre-operation, all the required values are available.
You can configure authorization for all server region operations on a per-region and per-operation basis by using a role-based mechanism. A role can be provided with permissions to execute operations for each region. Each principal name can be associated with a set of roles.
Information such as the region reference, arguments, the operation being invoked, and a reference to the cache instance can be made available to the XmlAuthorization callback. If an authenticated client is not authorized to perform an operation, the operation fails with a NotAuthorizedException.