Back to Security Pattern Catalog
Secure Service Façade
: Core Security
Many access points in the business tier mean that many points of failure that have to be secured. Every access point has to have authentication and authorization and data validation and auditing mechanism. This becomes an even more difficult problem if security has to be retrofitted.
How can we provide a secure interface for a fine-grained and loosely coupled security service?
Integrate fine-grained, security unaware service implementation into a unified, security-enabled interface to clients. Use it as a gateway where client requests are securely validated and routed to the appropriate fine-grained service implementation. Maintain and mediate the security and workflow context between interactive client requests and fine-grained services that fulfill portions of client requests.
Unified secure interface of an application.
Last modified: May 05, 2012
and Maintained by: Munawar Hafiz