The subject of my thesis was a thin-client application designed for creating workflows and projects (using workflows as templates) and managing their lifecycles as a multi-tenant system. This implies that each domain has its own set of roles, workflows and projects, and only users can cross domain boundaries. Users thus have the opportunity to obtain different kinds of roles and privileges through those domains.
Two of us developed this application, but we had well-separated responsibilities from the beginning and worked on different aspects of the software. This document therefore consists mostly of a detailed description of my part in the development process, but I will sometimes mention or briefly describe other segments of the application for the sake of completeness.
Within the confines of my thesis I was to implement the authentication, authorization and security mechanisms applied in the application, and to construct the basic layout of a multi-tenant system by designing and elaborating its building blocks: the Domain, User, Role and Privilege entities in the data layer, the actors in the business logic layer responsible for managing their lifecycle, and all controlling logic and presentation layout in the presentation layer.
For authentication and authorization I chose a solution that is easy to apply to the controller methods and requires no code changes in them when requirements change; only the component implementing the authorization logic has to be modified.
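A sketch of this design, written here as an illustration and not taken from the thesis code: controller methods declare a required privilege, while the decision lives in one authorizer component that looks up the user's roles in the current domain. Every name in it (`Authorizer`, `requires`, `create_project`, the privilege strings and the sample domains) is an assumption, as is the choice of Python.

```python
from dataclasses import dataclass, field
from functools import wraps

class AccessDenied(Exception):
    pass

@dataclass(frozen=True)
class Role:
    name: str
    privileges: frozenset

@dataclass
class User:
    name: str
    # domain name -> roles held there; a user may appear in several domains
    roles_by_domain: dict = field(default_factory=dict)

class Authorizer:
    """Single place that holds the authorization logic (hypothetical)."""
    def is_allowed(self, user, domain, privilege):
        # Roles are looked up per domain, so a role granted in one tenant
        # never applies in another; an unknown domain yields no roles (deny).
        roles = user.roles_by_domain.get(domain, ())
        return any(privilege in role.privileges for role in roles)

AUTHORIZER = Authorizer()

def requires(privilege):
    """Declarative guard: the controller body contains no access checks."""
    def decorate(handler):
        @wraps(handler)
        def guarded(user, domain, *args, **kwargs):
            if not AUTHORIZER.is_allowed(user, domain, privilege):
                raise AccessDenied(f"{user.name} lacks {privilege} in {domain}")
            return handler(user, domain, *args, **kwargs)
        return guarded
    return decorate

@requires("project:create")
def create_project(user, domain, title):
    return f"{domain}/{title}"

# Constructed sample data: one user with different roles in two domains.
MANAGER = Role("manager", frozenset({"project:create", "workflow:edit"}))
VIEWER = Role("viewer", frozenset({"project:read"}))
ALICE = User("alice", {"acme": [MANAGER], "globex": [VIEWER]})

def try_create(user, domain, title):
    """Return the created project id, or None when access is denied."""
    try:
        return create_project(user, domain, title)
    except AccessDenied:
        return None
```

Changing the access rules means editing `Authorizer.is_allowed` only; `create_project` and its decorator line stay as they are.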
I also established a standard architecture into which test suites and test cases could easily be injected. On top of that, I was to implement several of them from my own domain to ensure the correct behaviour of the atomic components and of the cooperation between them when composed into a subsystem.