Supplied security implementation

One of the requirements for a deployment of i2 Analyze is a principal provider, which is the mechanism through which the users in an organization are mapped to the user groups in the security schema. When a deployment environment uses WebSphere Liberty for user authentication, the i2 Analyze deployment toolkit contains a production-quality class that might be an appropriate solution.

The WebSphereDynamicAccessRoleBasedPrincipalProvider class from the deployment toolkit performs a direct mapping from the names of user groups in Liberty to the names of user groups in the security schema. When the user is a member of a Liberty group, they receive access levels in accordance with the contents of corresponding <GroupPermissions> elements in the i2 Analyze security schema.

The i2 Analyze deployment toolkit can provide an example security schema and Liberty user registry that contain correlating group names and dimension values. These files are suitable for use in development environments, but not in production.