The Dynamo User Directory functions both as an organizational tool and as a security tool. As an administrator, you can allow or deny access to specific repository items and to specific properties of those repository items. The Dynamo User Directory accesses two repositories to store information and to implement the security system that controls repository items. These repositories are the profile repository and the Admin SQL repository.
ATG products work with two types of repositories: “concrete” repositories, which actually hold data, and “secure” repositories, which perform security checking. Rather than adding security checking directly to a concrete repository, a secure repository wraps a concrete repository. This secure repository has the same API, behavior, and data as the underlying concrete repository. In general, invoking a method on a secure repository works the same as invoking the same method on a concrete repository, but with one essential difference: the secure wrapper applies security checks as needed, before and after calling the concrete repository to do the work of retrieving items from the database. This security system has two major benefits:
Nucleus components that require security checking access the secure repository. Components that don’t require security checking skip the secure repository and directly access the concrete repository.
All repository implementations, including any that you add in the future, can use this secure repository wrapper. This is much easier than having to add security as a feature in each new repository implementation.
