Authorization (ISecurity Interface)

Overview of the ISecurity Server Interface

The methods described in this section are provided in the ISecurity server interface. The methods can be used in a SAS Open Metadata Interface client that you create to request authorizations on SAS Metadata Server resources. The methods can be used to get authorizations on both metadata and on the data that is represented by the metadata.

ISecurity methods are available only through the standard interface. For more information, see Communicating with the SAS Metadata Server.

In SAS 9.2, two versions of the ISecurity server interface are supported.

ISecurity 1.0 enables SAS 9.1 clients to work the same way they worked in SAS 9.1. Only methods that were supported in SAS 9.1 are available in ISecurity 1.0.
ISecurity 1.1 provides versions of the SAS 9.1 methods that work in a SAS 9.2 environment. It also offers several new methods.

The following information applies to all of the ISecurity methods.

Errors are surfaced through the exception-handling in IOM. Each method returns a set of documented exceptions. Use TRY and CATCH logic in your Java programs to determine when an exception is returned.
The methods make authorization decisions based on user and access control metadata that is stored in metadata repositories. Appropriate metadata must be defined for authorization decisions to be meaningful.

User metadata is defined by using the SAS Management Console User Manager plug-in or by extracting user and group definitions from an enterprise source with macros. For information about the plug-ins, see SAS Management Console documentation.

Access control metadata is defined by using the SAS Management Console Authorization Manager plug-in or by using ISecurityAdmin methods. For information about ISecurityAdmin methods, which are new in SAS 9.2, see Security Administration (ISecurityAdmin Interface).

For information about access controls supported by the SAS Open Metadata Architecture authorization facility and enterprise user import macros, see the SAS Intelligence Platform: Security Administration Guide.
The methods assume the calling user and any user IDs specified by the calling program have been authenticated before calling the SAS Metadata Server, and that the calling user is a trusted user of the SAS Metadata Server.
In the examples, iSecurity is an instantiation of the ISecurity interface.

Top of Page