Permissioning
The Caplin Platform consists of a number of components that interact to provide end-users with a web-based financial trading application. The components that are used to integrate a permissioning system with the Caplin Platform are shown in the diagram below.
When a client application such as a Caplin Trader application interacts with Liberator, for example when an end-user logs in or attempts to view or trade financial information, Liberator uses the services of a Permissioning Auth Module to decide if the interaction with Liberator is permitted or not. The Permissioning Auth Module enforces security constraints based on permissioning data provided to Liberator by the Permissioning Adapter.
Permissioning system
The permissioning system is the source of the permissioning data that you want to integrate with the Caplin Platform. Permissioning data identifies the end-users that are authorised to interact with Liberator, and the financial products that these end-users are permitted to view and trade.
Permissioning adapter
The Permissioning Adapter is an Integration Adapter that acts as the interface between the Caplin Platform and your permissioning system. Its purpose is to provide Liberator with permissioning data. The Permissioning Auth Module in Liberator uses this data to decide whether or not an interaction with Liberator is permitted. To create a Permissioning Adapter, you write and compile a Java application that uses the Caplin Permissioning Integration API. This simple API is part of the Caplin Integration Suite and is therefore layered on top of the Caplin Java DataSource API. It allows your application to send permissioning data to Liberator using the DataSource protocol, but without the need for your code to explicitly use the Java DataSource API. Liberator can be configured to connect to one or more Permissioning Adapters.
With the Caplin Integration Suite for Java, you can create an Integration Adapter that uses both the Permissioning Integration Java API and the Trading Integration Java API. This allows the same application to act both as a Permissioning Adapter and a Trading Adapter. For details of how to include trading functionality in your Integration Adapter, see the document Caplin Trading: Integrating The Caplin Platform With A Trading System. |
Permissioning Auth Module
When a Permissioning Adapter is used to integrate the Caplin Platform with a permissioning system, the Liberator server must be configured to use the Permissioning Auth Module, which makes decisions about who is permitted to access the server and the type of access permitted. The Permissioning Auth Module is one of several authentication modules that are supplied with the Caplin Platform. It uses the Java Authentication API to communicate with Liberator. You can find further information about the authentication modules supplied with the Caplin Platform in the Caplin Liberator documentation here.
Permissioning at the client application
The components of the Graphical User Interface (GUI) at the client application can be tailored to match the permissions of the end-user who is currently logged in. An example would be to display information that the user is allowed to view, and to hide information that the user is not allowed to view. This information could be anything from pricing data for currency-pairs, to menu items, data grids, trade tiles, and tenors.
To add permissioning to a client application that is based on Caplin Trader, you must modify the client application by adding JavaScript code that uses the Permissioning API of Caplin Trader. This simple API can retrieve permissioning data from Liberator and is built on top of the StreamLink JS library. StreamLink JS provides communication between Caplin Trader and the Liberator server using the RTTP protocol.
See also: