ExternalSecurity Interface

To customize MicroStrategy Web authentication, you must create a custom Java class that implements the ExternalSecurity interface. The ExternalSecurity interface and classes derived from it contain all the methods that are used to provide authentication and authorization functionality. To help you in this process, MicroStrategy Web provides an abstract base class— AbstractExternalSecurity— that mimics the standard authentication process of MicroStrategy Web.


Note: In default MicroStrategy Web authentication, the DefaultExternalSecurity class is used. This class extends the AbstractExternalSecurity class (without any changes), which in turn implements the ExternalSecurity interface.


The diagrams below illustrate the three methods that are entry points to the External Security Module (ESM) and show where each of the other methods fits in the workflow. The only method that is not pictured is getFailureURL(), which is called in various places whenever there is an error.




The ExternalSecurity interface includes the following methods:



Each of the following topics in this section describes one of the methods listed above, the conditions under which that particular method is invoked, and the manner in which MicroStrategy Web interprets the code returned by the method. Each topic also describes the conditions that must be met prior to invoking the method and the operations that take place following the method call, and provides the method signature.


Note: The diagrams provided in the topics in this section represent the general processing flow and are not intended to be actual flow diagrams.