java.lang.Object
au.edu.educationau.belts.cocoon.CocoonRoleInterceptor
- All Implemented Interfaces:
- au.edu.educationau.belts.command.CommandInterceptor
- public class CocoonRoleInterceptor
- extends java.lang.Object
- implements au.edu.educationau.belts.command.CommandInterceptor
Checks to ensure that the user is or is not in a specific application role.
By default if nothing is specified the command will be forwarded to
the next command interceptor.
If parameters are set the following rules are applied in order
- If the number of permitted roles is > 0 then forward is set to false
- If the user has one of the permitted roles then forward is set to true
- If forwarding and deny overrides forwarding the forward is set to false
if the user has one of the denied roles
If forward is false then a CommandResult will be generated that lets the user know a security
issue has been encountered.
Note: If you set the deny-overrides false and have no permitted just denied roles
the interceptor will always forward the command.
- Version:
- $Revision: 1.3.2.1 $ - $Date: 2003/07/22 23:07:07 $
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
PERMITTED_ROLE
private static final java.lang.String PERMITTED_ROLE
- See Also:
- Constant Field Values
DENIED_ROLE
private static final java.lang.String DENIED_ROLE
- See Also:
- Constant Field Values
DENY_OVERRIDES_FORWARD
private static final java.lang.String DENY_OVERRIDES_FORWARD
- See Also:
- Constant Field Values
UNAUTHORISED_MESSAGE
private static final java.lang.String UNAUTHORISED_MESSAGE
- See Also:
- Constant Field Values
_unauthorisedMessage
private java.lang.String _unauthorisedMessage
_permittedRoles
private java.lang.String[] _permittedRoles
_deniedRoles
private java.lang.String[] _deniedRoles
_denyOverrides
private boolean _denyOverrides
CocoonRoleInterceptor
public CocoonRoleInterceptor()
invoke
public au.edu.educationau.belts.command.CommandResult invoke(au.edu.educationau.belts.command.InterceptorContext context)
- Description copied from interface:
au.edu.educationau.belts.command.CommandInterceptor
- Called by the dispatcher when a request reaches this
interceptor in an interceptor chain.
Typical interceptors will look up objects in the environment,
add properties to the command, call InterceptorContext.invokeNext()>InterceptorContext.invokeNext() 55
and return the CommandResult it returns.
- Specified by:
invoke in interface au.edu.educationau.belts.command.CommandInterceptor
configure
public void configure(Configuration configuration)
throws ConfigurationException
inAtLeastOneRole
private boolean inAtLeastOneRole(java.lang.String[] roles,
au.edu.educationau.belts.command.InterceptorContext context)
getRequest
private org.apache.cocoon.environment.Request getRequest(au.edu.educationau.belts.command.InterceptorContext context)
JAVADOC | 
SOURCE | 
DOWNLOAD | NESTED | FIELD | CONSTR | METHOD