Incorrect entitlement response returned from Open DACS.
While trying to integrate with Open DACS using the Java API, I am see
discrepancy in the entitlement response between Open DACS and TREP. TREP is
returning the correct entitlement while Open DACS always return an “allow
access” response for all the items (even an invalid RIC) that I pass to
the API. Can somebody help?
Best Answer
-
There are two kinds of entitlements in Open DACS:
1. Content Based Entitlements (CBE)
CBE uses DACS lock to control the permission.Normally, the application gets DACS lock from the refresh message of the subscribed item. Then, the application must pass this DACS lock as a parameter (lockData) to Authorization::checkSubscription() method.
108. authCheckResult = _agent.checkSubscription(_handle, _usage,
109. _reqtype,
110. authCheckStatus,
111. false,
112. _serviceName, _itemName, lockData);2. Subject Based Entitlements (SBE)
SBE uses the subject names to control the permission. For this reason, DACS lock isn't required by SBE.
275. AuthorizationCheckResult authCheckResult = _agent
276. .checkSubscription(_handle, _usage, reqType,
277. authCheckStatus, _serviceName, _itemName);Typically, a service from Elektron is a content based service which requires DACS lock to perform entitlement check. Therefore, if the application perform SBE check (without providing DACS lock) against a content based service, the result is always ACCESS_ALLOWED.
Moreover, Open DACS API doesn't know which items are valid or invalid. It just performs entitlement checks against rules assigned to the users.
In conclusion, to make it behave like TREP, the application needs to have DACS lock of each item. The application can get DACS locks by sending item requests to TREP. DACS lock is in the item's refresh message. Then, the application must pass DACS lock to Authorization::checkSubscription() method to perform CBE check for an item.
For more information, please refer to Open DACS Java tutorials. Please focus on Tutorial 3, 4, and 5.
0
Categories
- All Categories
- 6 AHS
- 36 Alpha
- 166 App Studio
- 6 Block Chain
- 4 Bot Platform
- 18 Connected Risk APIs
- 47 Data Fusion
- 34 Data Model Discovery
- 684 Datastream
- 1.4K DSS
- 613 Eikon COM
- 5.2K Eikon Data APIs
- 10 Electronic Trading
- Generic FIX
- 7 Local Bank Node API
- 3 Trading API
- 2.9K Elektron
- 1.4K EMA
- 248 ETA
- 552 WebSocket API
- 37 FX Venues
- 14 FX Market Data
- 1 FX Post Trade
- 1 FX Trading - Matching
- 12 FX Trading – RFQ Maker
- 5 Intelligent Tagging
- 2 Legal One
- 23 Messenger Bot
- 3 Messenger Side by Side
- 9 ONESOURCE
- 7 Indirect Tax
- 60 Open Calais
- 275 Open PermID
- 44 Entity Search
- 2 Org ID
- 1 PAM
- PAM - Logging
- 6 Product Insight
- Project Tracking
- ProView
- ProView Internal
- 22 RDMS
- 1.9K Refinitiv Data Platform
- 630 Refinitiv Data Platform Libraries
- 4 LSEG Due Diligence
- LSEG Due Diligence Portal API
- 4 Refinitiv Due Dilligence Centre
- Rose's Space
- 1.2K Screening
- 18 Qual-ID API
- 13 Screening Deployed
- 23 Screening Online
- 12 World-Check Customer Risk Screener
- 1K World-Check One
- 46 World-Check One Zero Footprint
- 45 Side by Side Integration API
- 2 Test Space
- 3 Thomson One Smart
- 10 TR Knowledge Graph
- 151 Transactions
- 143 REDI API
- 1.8K TREP APIs
- 4 CAT
- 26 DACS Station
- 121 Open DACS
- 1.1K RFA
- 104 UPA
- 191 TREP Infrastructure
- 228 TRKD
- 915 TRTH
- 5 Velocity Analytics
- 9 Wealth Management Web Services
- 86 Workspace SDK
- 11 Element Framework
- 5 Grid
- 18 World-Check Data File
- 1 Yield Book Analytics
- 46 中文论坛
