| java.lang.Object org.directwebremoting.impl.DefaultAccessControl
DefaultAccessControl | public class DefaultAccessControl implements AccessControl(Code) | | Control who should be accessing which methods on which classes.
author: Joe Walker [joe at getahead dot ltd dot uk] |
Inner Class :static class Policy | |
Method Summary | |
public void | addExcludeRule(String scriptName, String methodName) | public void | addIncludeRule(String scriptName, String methodName) | public void | addRoleRestriction(String scriptName, String methodName, String role) | protected static void | assertAllowedByRoles(HttpServletRequest req, Set<String> roles) | protected static void | assertAreParametersDwrInternal(Method method) | protected static void | assertAuthenticationIsValid(HttpServletRequest req) | public void | assertExecutionIsPossible(Creator creator, String className, Method method) | protected static void | assertIsClassDwrInternal(Creator creator) | public void | assertIsDisplayable(Creator creator, String className, Method method) | protected void | assertIsExecutable(String scriptName, String methodName) Test to see if a method is excluded or included. | protected static void | assertIsMethodPublic(Method method) | protected static void | assertIsNotOnBaseObject(Method method) | protected void | assertIsRestrictedByRole(String scriptName, Method method) | protected Policy | getPolicy(String type) Find the policy for the given type and create one if none exists. | protected Set<String> | getRoleRestrictions(String scriptName, String methodName) | public void | setExposeInternals(boolean exposeInternals) |
PACKAGE_ALLOW_CONVERT | final protected static String PACKAGE_ALLOW_CONVERT(Code) | | Special dwr package name from which classes may be converted
|
PACKAGE_ALLOW_CREATE | final protected static String PACKAGE_ALLOW_CREATE(Code) | | Special dwr package name from which classes may be created
|
PACKAGE_DWR_DENY | final protected static String PACKAGE_DWR_DENY(Code) | | My package name, so we can ban DWR classes from being created or marshalled
|
policyMap | protected Map<String, Policy> policyMap(Code) | | A map of Creators to policies
|
assertAllowedByRoles | protected static void assertAllowedByRoles(HttpServletRequest req, Set<String> roles) throws SecurityException(Code) | | Is this current user in the given list of roles
Parameters: req - The users request Parameters: roles - The list of roles to check throws: SecurityException - if this user is not allowed by the list of roles |
assertAreParametersDwrInternal | protected static void assertAreParametersDwrInternal(Method method)(Code) | | Check the parameters are not DWR internal either
Parameters: method - The method that we want to execute |
assertIsClassDwrInternal | protected static void assertIsClassDwrInternal(Creator creator)(Code) | | Is the class that we are executing a method on part of DWR?
Parameters: creator - The Creator that exposes the class |
assertIsMethodPublic | protected static void assertIsMethodPublic(Method method)(Code) | | Is the method public?
Parameters: method - The method that we wish to execute |
assertIsRestrictedByRole | protected void assertIsRestrictedByRole(String scriptName, Method method)(Code) | | Parameters: scriptName - The name of the creator to Javascript Parameters: method - The method to execute |
getPolicy | protected Policy getPolicy(String type)(Code) | | Find the policy for the given type and create one if none exists.
Parameters: type - The name of the creator The policy for the given Creator |
getRoleRestrictions | protected Set<String> getRoleRestrictions(String scriptName, String methodName)(Code) | | Parameters: scriptName - The name of the creator to Javascript Parameters: methodName - The name of the method (without brackets) A Set of all the roles for the given script and method |
setExposeInternals | public void setExposeInternals(boolean exposeInternals)(Code) | | Parameters: exposeInternals - the exposeInternals to set |
|
|