Back to Security Pattern Catalog

Secure Service Façade

Classification Key : Core Security


Many access points in the business tier mean that many points of failure that have to be secured. Every access point has to have authentication and authorization and data validation and auditing mechanism. This becomes an even more difficult problem if security has to be retrofitted. How can we provide a secure interface for a fine-grained and loosely coupled security service?


Integrate fine-grained, security unaware service implementation into a unified, security-enabled interface to clients. Use it as a gateway where client requests are securely validated and routed to the appropriate fine-grained service implementation. Maintain and mediate the security and workflow context between interactive client requests and fine-grained services that fulfill portions of client requests.

Known Uses

Unified secure interface of an application.


Sun Book


Façade, Interface


Last modified: May 05, 2012

Conceived and Maintained by: Munawar Hafiz