The Flexess Development Cycle

I think it's still not clear if Flexess is a framework, a tool or a library. This entry will give an overview Flexess's structure.

The work of a developer begins with the Flexess Security Modeler. This is an Eclipse-based tool that allows creating and editing an application's security model. After creation, the model is serialized as an XML file and deployed to the Flexess Server.

After the model is deployed, it must be associated with a user management system. Flexess Administration is a J2EE application with a web client for configuring the model.  In Flexess administration we set the parameters of the connection to the LDAP server where the users who will access the application are stored.

Flexess Administration is also used as the main administration client and provides the following functions:

• Creating roles based on role templates;


• Assigning(Revoking) user to(from) roles.

The final step in the process is securing the business application. We have a library (a jar file) Flexess client. This library is deployed as part of the business application and performs the actual authorization. It loads the roles for a particular user from the Flexess Engine and checks if the user is authorized to perform the relevant operation.

To enable authorization, the code in business application must include something like this:

public void saveOrder(Order order) throws AccessControlException, UamClientException {
    getAuthorizationManager().check(order, "update" );
    dao.saveOrder(order);
}