Back to Security Pattern Catalog
: Core Security
The intricate details of discovery and invocation of security services should be abstracted and loosely coupled from client applications. Then clients and services can be easily replaced with alternate technologies.
How can the security services be loosely coupled from application?
Use a mediator to co-ordinate requests between clients and security services. Use the delegate to locate and mediate back-end security services. Perform pertinent message translation to accommodate disparate message formats and protocols. Also perform error translations. Use a stateful or stateless delegate based on system requirements.
Policy delegate using a Service Locator to locate distributed security services, e.g. RMI.
Last modified: May 05, 2012
and Maintained by: Munawar Hafiz