What is the primary role of the AccessManager interface?

The AccessManager is the central interface responsible for authorizing operation calls based on the principal, operation metadata, and signed identifiers.

How do Authentication Interceptors work in JUDO?

Interceptors allow you to hook into the security lifecycle to perform actions like audit logging or rate limiting before or after an operation is authorized.

What happens when authorization fails in this API?

The system throws an AccessDeniedException for forbidden actions or an AuthenticationRequiredException if the user is not logged in.

Can I use this skill to implement custom audit logging?

Yes, by implementing the AuthenticationInterceptor interface, you can capture and log every successful operation execution with full context of the user and entity.

What information does a SignedIdentifier contain?

A SignedIdentifier contains the unique ID, entity type, version for optimistic locking, and metadata about which operation or reference produced the instance.

JUDO Access Manager API

Name: JUDO Access Manager API
Author: BlackBeltTechnology

byBlackBeltTechnology

0•

セキュリティとテスト

Implements secure operation authorization, authentication interceptors, and signed identifier tracking within the JUDO Runtime Core framework.

The JUDO Access Manager API skill provides a comprehensive framework for managing application security and access control. It enables developers to define core contracts for operation authorization, hook into the authentication lifecycle via custom interceptors, and utilize Signed Identifiers to securely track entity instances. This skill is essential for building enterprise applications that require granular permission sets, detailed audit logging, rate limiting, and robust validation of bound operations within the JUDO ecosystem.

主な機能

01Operation Authorization: Fine-grained control over operation execution based on actor/principal roles.

020 GitHub stars

03API-First Architecture: Pure interface definitions that remain independent of specific runtime implementation details.

04Behavior Authorizers: Built-in support for CRUD, reference management, and query-specific authorization.

05Authentication Interceptors: Custom hooks for audit logging, security checks, and lifecycle events.

06Signed Identifiers: Secure tracking of entity instances with metadata for optimistic locking and type safety.

ユースケース

01Implementing comprehensive audit trails for sensitive state-changing operations like entity deletion or updates.

02Enforcing granular access control where specific operations are only exposed to authorized user claims.

03Adding custom security layers such as rate limiting or IP-based restrictions via authentication interceptors.

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add blackbelttechnology/judo-runtime-core access-api-overview

For use in Claude.ai and ChatGPT

主な機能

01Operation Authorization: Fine-grained control over operation execution based on actor/principal roles.

020 GitHub stars

03API-First Architecture: Pure interface definitions that remain independent of specific runtime implementation details.

04Behavior Authorizers: Built-in support for CRUD, reference management, and query-specific authorization.

05Authentication Interceptors: Custom hooks for audit logging, security checks, and lifecycle events.

06Signed Identifiers: Secure tracking of entity instances with metadata for optimistic locking and type safety.

ユースケース

01Implementing comprehensive audit trails for sensitive state-changing operations like entity deletion or updates.

02Enforcing granular access control where specific operations are only exposed to authorized user claims.

03Adding custom security layers such as rate limiting or IP-based restrictions via authentication interceptors.