The main interfaces, objects, and classes for Security Services are as follows:

User Authority

This interface is used for authenticating a user. The interface produces Persona objects that are used to identify a user and any roles that the user might have.


Identity of a user, a user’s role (for example, a user group such as Designers or Developers), or an application privilege. Persona objects can have multiple embedded identities. For example, a user can have several roles, such as manager and developer, and a role can have multiple privileges. The Persona interface is a superset of the standard J2EE Principal interface, and implements the Principal interface for interoperability.


The User object holds a collection of Personae that were collected by one or more user authorities. This object is like a wallet where identities are placed. A User object can hold several identities if a user has been authenticated by several means.

Security Policy

A security policy is used to determine whether a user has access to an object by checking an access control list composed of access privileges and/or deny privileges.

Secured Object

The SecuredObject interface provides a standard way to look up and change security information related to an object. The class uses this interface to determine the ACL for an object and any related container objects that might affect the ACL.

Secured Container

Like SecuredObject, SecuredContainer provides a standard interface for determining a list of security-related parents of an object, to support ACL inheritance or other cross-object semantics, for example.

Security Configuration

A security configuration is a security policy grouped together with the user authority that determines the identity information for a user. The security configuration is used primarily for reconstituting persisted ACL information using the parse() method of

Security Context

Every SecuredObject has a related Security Context, which is a Security Configuration plus a reference back to the object. This allows the access checker in the security policy to use the object itself to determine access control rules.