| java.lang.Object
 org.objectweb.jonas_lib.security.AbsPermissionManager
org.objectweb.jonas.web.lib.PermissionManager
| PermissionManager | | public class PermissionManager extends AbsPermissionManager (Code) | | Defines a PermissionManager class which will manage JACC permissions for a
web-app
author:
Florent Benoit |
| PermissionManager | | public PermissionManager(WebContainerDeploymentDesc webContainerDeploymentDesc, String contextId, boolean remove) throws PermissionManagerException(Code) | | Default Constructor
Parameters:
webContainerDeploymentDesc - EJB deployment Descriptor
Parameters:
contextId - context ID used for PolicyContext
Parameters:
remove - - remove the policy context when creating a new one.
throws:
PermissionManagerException - if permissions can't be set |
| checkWebResourcePermission | | public boolean checkWebResourcePermission(HttpServletRequest request, String principalName, String[] roles)(Code) | | Check the security for a given HttpServletReauest
Parameters:
request - the http servlet request
Parameters:
principalName - name of the principal
Parameters:
roles - array of roles for this permission true if the permission is granted, else false |
| checkWebRoleRefPermission | | public boolean checkWebRoleRefPermission(HttpServletRequest request, String servletName, String principalName, String[] roles, String roleName)(Code) | | Check the security for a given HttpServletReauest
Parameters:
request - the http servlet request
Parameters:
servletName - Name of the servlet
Parameters:
principalName - name of the principal
Parameters:
roles - array of roles for this permission
Parameters:
roleName - name of the role true if the permission is granted, else false |
| checkWebUserDataPermission | | public boolean checkWebUserDataPermission(HttpServletRequest request, String principalName, String[] roles)(Code) | | Check the security for a given HttpServletReauest
Parameters:
request - the http servlet request
Parameters:
principalName - name of the principal
Parameters:
roles - array of roles for this permission true if the permission is granted, else false |
| resetDeploymentDesc | | protected void resetDeploymentDesc()(Code) | | Reset Deployment Descriptor
|
| translateSecurityConstraintElements | | protected void translateSecurityConstraintElements() throws PermissionManagerException(Code) | | 3.1.3.1 Translating security-constraint elements The paragraphs of this
section describe the translation of security-constraints into
WebResourcePermission and WebUserDataPermission objects constructed using
qualified URL pattern names. In the exceptional case, as defined in
Qualified URL Pattern Names, where a pattern is made irrelevant by a
qualifying pattern, the permission instantiations that would result from
the translation of the pattern, as described below, must not be
performed. Otherwise, the translation of URL patterns in security
constraints must yield an equivalent translation to the translation that
would result from following the instructions in the remainder of this
section. [...]
throws:
PermissionManagerException - if permissions can't be set |
| translateServletDeploymentDescriptor | | public void translateServletDeploymentDescriptor() throws PermissionManagerException(Code) | | 3.1.3.Translating Servlet Deployment Descriptors A reference to a
PolicyConfiguration object must be obtained by calling the
getPolicyConfiguration method on the PolicyConfigurationFactory
implementation class of the provider configured into the container. The
policy context identifier used in the call to the getPolicyConfiguration
method must be a String composed as described in Section 3.1.2, Servlet
Policy Context Identifiers, on page 19. The value true must be passed as
the second parameter in the call to getPolicyConfiguration to ensure that
any and all policy statements are removed from the policy context
associated with the returned PolicyConfiguration. The security-constraint
and securityrole-ref elements in the deployment descriptor must be
translated into permissions and added to the PolicyConfiguration object
as defined in the following sections.
throws:
PermissionManagerException - if permissions can't be set |
| translateServletSecurityRoleRef | | protected void translateServletSecurityRoleRef() throws PermissionManagerException(Code) | | 3.1.3.2 Translating Servlet security-role-ref Elements For each
security-role-ref appearing in the deployment descriptor a corresponding
WebRoleRefPermission must be added to the corresponding role. The name of
the WebRoleRefPermission must be the servlet-name in whose context the
security-role-ref is defined. The actions of the WebRoleRefPermission
must be the value of the role-name (that is the reference), appearing in
the security-role-ref. The deployment tools must call the addToRole
method on the PolicyConfiguration object to add the WebRoleRefPermission
object resulting from the translation to the role identified in the
role-link appearing in the security-role-ref. Additional
WebRoleRefPermission objects must be added to the PolicyConfiguration as
follows. For each servlet element in the deployment descriptor a
WebRoleRefPermission must be added to each security-role whose name does
not appear as the role-name in a security-role-ref within the servlet
element. The name of each such WebRoleRefPermission must be the
servlet-name of the corresponding servlet element. The actions (that is,
reference) of each such WebRoleRefPermission must be the corresponding
(non-appearing) role-name. The resulting permissions must be added to the
corresponding roles by calling the addToRole method on the
PolicyConfiguration object.
throws:
PermissionManagerException - if permissions can't be set |
|
|