The attached example demonstrates how to authenticate a Coherence*Extend client and pass the client's identity to the cluster, where it is used to enforce entitlements on a target NamedCache. The attached JAR file includes both .NET and Java sample clients.
A Coherence*Extend client authenticates a user using either standard JAAS API calls or via the Coherence Security Framework. Once authenticated, the client accesses a target remote NamedCache by executing a PrivilegedAction on behalf of the user's authenticated Subject. The Coherence*Extend client transparently passes the user's Subject to the cluster, where an example NamedCache wrapper is used to enforce that the remote user has a specified Principal. The example NamedCache wrapper could easily be enhanced to enforce more sophisticated entitlements, such as transforming cached data or providing a filtered view of the target NamedCache.
This information is also included in the README.txt file in the attached archive.
This example demonstrates how to authenticate a Coherence*Extend user and pass the user's identity to the cluster, where it is used to enforce entitlements on a target NamedCache.
To build the example, you must have the following software installed:
Additionally, to build the example .NET client, you must have the following software installed:
To build the Java sample client:
To build the .NET sample client:
To build the .NET example client, use the Visual Studio solution included under src/net/TestClient. You may need to update the Coherence library reference to reflect your installation location of Coherence for .NET.
To run the Java sample client:
To run the .NET sample client:
To run the .NET sample client, execute the TestClient application from within Visual Studio.