Class SecurityContext

  • All Implemented Interfaces:
    java.lang.Comparable<EntityReference>

    @ThingworxExtensionApiClass(since={6,6})
    public final class SecurityContext
    extends EntityReference
    A context object containing a reference to a managed account, typically a User instance.

    A security context is a basic container for a Thingworx-managed account. These contexts are used in Thingworx to enforce permissions and access control, and for tracking the currently authorized account in a request. Security contexts may refer to one of three types of accounts: User, Group, and Thing.

    Security contexts can be generated using the factory methods provided in this class. A thing context stores the thing as the account with no associated groups, organizations, or privileges.

    For extension development, if you need to access a secured resource that the user making the request may not have access to, you can generate the super user or system user contexts using the appropriate factory methods. You must ensure that the security context is only used to access the secured resources that are needed to ensure proper functionality.

    The following code sample illustrates how the security context is used to access an associated entity:

      {
          @code
          SecurityContext systemContext = SecurityContext.createSystemUserContext();
          ThreadLocalContext.setSecurityContext(systemContext);
          Thing associatedEntity = ThingUtilities.findThing("ExampleThing");
          ThreadLocalContext.clearSecurityContext();
      }
      
    See Also:
    ThreadLocalContext, User, Group, Thing