AddIdentityToSPIRequest Adds identity related stuff to SPI requests made by an ESS.

Authenticate authenticates a particular HTTP request and indicates whether it is an edge node, org admin, or plain user.

CanUserAccessAllObjects checks if the user identified by the credentials in the supplied request, can read the specified object type.

CanUserCreateObject checks if the user identified by the credentials in the supplied request, can create an object of the object type, and send it to the destinations in the meta data.

CheckAddACLInputFormat checks ACL entry format.

CheckObjectCanBeModifiedByUser returns true if give user has ACLWriter access to given object type.

CheckObjectTypesCanBeAccessByGivenUser returns a list of objectTypes that given user has access to.

CheckRemoveACLInputFormat checks ACL entry format.

GetACLUserType get ACLUserType by authCode.

KeyandSecretForURL returns an app key and an app secret pair to be used by the ESS when communicating with the specified URL.

SetAuthentication is called by the code starting the Sync Service to set the Authentication implementation to be used by the Sync Service.

Start starts up the security component.

Stop stops the security component.

ValidateSPIRequestIdentity validates the identity sent in a SPI request by an ESS to a CSS Returns true if the identity is ok for a SPI request, along with the orgID, destType, and destID sent in the request.

role for destinations acl.

Indicate this entry of ACL is for exchange node.

username/nodename in ACL list with ACLReader role has read access only.

Indicate this entry of ACL is for exchange user.

username/nodename in ACL list with ACLWriter role has read/write access.

AuthAdmin is returned by Authenticate when the authenticated user is an org admin.

AuthEdgeNode is returned by Authenticate when the authenticated user is an embedded ESS edge node.

AuthFailed is returned by Authenticate when a call to Athenticate fails.

AuthNodeUser is returned by Authenticate when the authenticate user uses exchange nodeId and nodeToken.

AuthService is returned by Authenticate when the authenticated user is a Service.

AuthSyncAdmin is returned by Authenticate when the authenticated user is a Sync Service Admin.

AuthUser is returned by Authenticate when the authenticated user is a regular user.

SPIRequestIdentityHeader is the header used to send the identity in HTTP SPI requests Should only be used here and in the httpCommunication tests.

Store is a reference to the storage in use.

CredentialInfo is the information related to an app key.

CSSCredentials defines the appkey and appsecret used to communicate with the CSS.

DummyAuthenticate is the dummy implementation of the Authenticate interface.

PresetAuthenticate is an implementation of the Authenticate interface that uses a set of ids defined in the file {PersistenceRootPath}/sync/preset-auth.json.

TestAuthenticate is the test implementation of the Authenticate interface.

Authentication is the interface invoked by the Sync Service for authentication related stuff.