Chapter 11. Permissions and the Service Engine

The Service Engine allows us to determine who can and who can't invoke services based on permissions given to user logins. In fact, the Service Engine allows us to go beyond simple permissions attached to the user login. As we will see in this chapter, it is possible to easily create our own checks for any criteria to determine whether the logged-in user is allowed to invoke a service.

In this chapter we will be exploring:

  • Simple permissions, entity permission, and role checks

  • Combining and nesting those permissions and checks

  • Permission service (really complex permissions)

Simple Permissions

Each service can be declared with required permissions. The dispatcher object (ServiceDispatcher) will check the ...

Get Apache OFBiz Development now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.