|
|||||||||
| Home >> All >> com >> RuntimeCollective >> webapps >> [ tag overview ] | PREV CLASS NEXT CLASS | ||||||||
SUMMARY:  JAVADOC |  SOURCE |  DOWNLOAD | NESTED | FIELD | CONSTR | METHOD |
DETAIL: FIELD | CONSTR | METHOD | ||||||||
com.RuntimeCollective.webapps.tag
Class CheckLogonTag
java.lang.Objectjavax.servlet.jsp.tagext.TagSupport
- All Implemented Interfaces:
- javax.servlet.jsp.tagext.IterationTag, javax.servlet.jsp.tagext.JspTag, java.io.Serializable, javax.servlet.jsp.tagext.Tag
- public class CheckLogonTag
- extends javax.servlet.jsp.tagext.TagSupport
Check for a valid User logged on in the current session under
the key RuntimeParameters.getParam("logonUserKey").
If there is no such user, forward control to the logon page.
Important: This tag must be placed on a jsp page before anything is written to the response. It's safest to always put it at the top.
This tag takes the following optional parameters:
page- the page to go to if the user is not logged in (defaults to /logon.jsp)group- if set then the tag will only admit users if they are logged in, and are members of the UserGroup with this name.groups- if set then the tag will only admit users if they are logged in, and are members of any UserGroups with these names.groupType- if set then the tag will only admit users if they are logged in, and are members of any group which has this UserGroupType.role- if set then the tag will only allow users in if they are logged in, and have this role.You may seperate roles with commas e.g. "0,1,2" - this will allow users in if they have ANY of the specified roles.For example, inserting
into a jsp page will check that the user is logged in, with role 0, and if not will forward them to the home page.<%@ taglib uri="/WEB-INF/runtime-struts.tld" prefix="rs" %> <rs:checkLogon role="0" page="home.jsp"/>An example of how to use the
groupsparameter to allow only members of the Administrators or Editors group:<rs:belongsTo groups='<%= new String[]{"Administrators", "Editors"} %>'>
- Version:
- $Id: CheckLogonTag.java,v 1.55 2003/10/13 15:42:44 fabrice Exp $
| Field Summary | |
protected java.lang.String |
cookie
The cookie name to look for. |
private static java.lang.reflect.Method |
getUserMethod
CheckLogonTag (or a subclass)'s "getUser(HttpServletRequest request, HttpSession session)" method |
private java.lang.String |
iGroup
The name of the group (or names, seperated by commas) that the user must be a member of [Optional] |
private java.lang.String[] |
iGroups
The names of the groups, at least one of which the user must be a member of [Optional] |
private java.lang.String |
iGroupType
The user must be a member of at least one group that has this group type [Optional] |
static java.lang.String |
LIST_GROUP_NAMES_KEY
Where to put the list of group names on the request when the user is not in the groups specified. |
protected static java.lang.String |
name
The key of the session-scope bean we look for. |
protected java.lang.String |
page
The page to which we should forward for the user to log on. |
protected java.lang.String |
role
The role(s) that the user must have in order to access this page. |
| Fields inherited from class javax.servlet.jsp.tagext.TagSupport |
id, pageContext |
| Fields inherited from interface javax.servlet.jsp.tagext.IterationTag |
EVAL_BODY_AGAIN |
| Fields inherited from interface javax.servlet.jsp.tagext.Tag |
EVAL_BODY_INCLUDE, EVAL_PAGE, SKIP_BODY, SKIP_PAGE |
| Constructor Summary | |
CheckLogonTag()
Constructor |
|
| Method Summary | |
protected boolean |
checkRole(java.lang.String role,
com.RuntimeCollective.webapps.bean.User user)
Check roles. |
boolean |
checkValid(com.RuntimeCollective.webapps.bean.User user)
If the group attribute is set, check the user is in the specified group. |
int |
doEndTag()
Perform our logged-in user check by looking for the existence of a session scope bean under the specified name, using getUser. |
int |
doStartTag()
Defer our checking until the end of this tag is encountered. |
int |
forwardControl(boolean valid)
Continue to evaluate the page, or redirect to the login page |
static void |
foundUserFromAuthToken(com.RuntimeCollective.webapps.bean.User user,
javax.servlet.http.HttpServletRequest request)
This method is called when a user is found from the auth token. |
static void |
foundUserFromCookie(com.RuntimeCollective.webapps.bean.User user,
javax.servlet.http.HttpServletRequest request)
This method is called when a user is found from a cookie. |
java.lang.String |
getGroup()
Get the name (or names, seperated by commas) of the group that the user must be a member of [Optional] |
java.lang.String[] |
getGroups()
Get the names of the groups, at least one of which the user must be a member of [Optional] |
java.lang.String |
getGroupType()
Get the name of the group type containing a group that the user must be a member of [Optional] |
static com.RuntimeCollective.webapps.bean.User |
getLoggedOnUser(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpSession session)
Get the currently logged-on user from the given session. |
java.lang.String |
getPage()
Return the forward page. |
java.lang.String |
getRole()
Return the required role. |
static com.RuntimeCollective.webapps.bean.User |
getUser(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpSession session)
Perform our logged-in user check by looking for the existence of a session scope bean under the specified name. |
static void |
putReturnURLOnSession(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpSession session)
Put the return URL on the session under "LoginCookie.RETURN_URL_NAME", |
void |
release()
Release any acquired resources. |
static void |
removeUserFromSession(com.RuntimeCollective.webapps.bean.User user,
javax.servlet.http.HttpServletRequest request)
Remove the user from the session. |
void |
setGroup(java.lang.String group)
Set the name (or names, seperated by commas) of the group that the user must be a member of [Optional] |
void |
setGroups(java.lang.String[] groups)
Set the names of the groups, at least one of which the user must be a member of [Optional] |
void |
setGroupType(java.lang.String groupType)
Set the name of the group type containing a group that the user must be a member of [Optional] |
void |
setPage(java.lang.String page)
Set the forward page. |
void |
setRole(java.lang.String role)
Set the required role. |
| Methods inherited from class javax.servlet.jsp.tagext.TagSupport |
doAfterBody, findAncestorWithClass, getId, getParent, getValue, getValues, removeValue, setId, setPageContext, setParent, setValue |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Field Detail |
LIST_GROUP_NAMES_KEY
public static final java.lang.String LIST_GROUP_NAMES_KEY
- Where to put the list of group names on the request when the user is not in the groups specified.
- See Also:
- Constant Field Values
name
protected static java.lang.String name
- The key of the session-scope bean we look for.
page
protected java.lang.String page
- The page to which we should forward for the user to log on.
role
protected java.lang.String role
- The role(s) that the user must have in order to access this page.
iGroup
private java.lang.String iGroup
- The name of the group (or names, seperated by commas) that the user must be a member of [Optional]
iGroups
private java.lang.String[] iGroups
- The names of the groups, at least one of which the user must be a member of [Optional]
iGroupType
private java.lang.String iGroupType
- The user must be a member of at least one group that has this group type [Optional]
cookie
protected java.lang.String cookie
- The cookie name to look for.
getUserMethod
private static java.lang.reflect.Method getUserMethod
- CheckLogonTag (or a subclass)'s "getUser(HttpServletRequest request, HttpSession session)" method
| Constructor Detail |
CheckLogonTag
public CheckLogonTag()
- Constructor
| Method Detail |
getPage
public java.lang.String getPage()
- Return the forward page.
setPage
public void setPage(java.lang.String page)
- Set the forward page.
getRole
public java.lang.String getRole()
- Return the required role.
setRole
public void setRole(java.lang.String role)
- Set the required role.
getGroup
public java.lang.String getGroup()
- Get the name (or names, seperated by commas) of the group that the user must be a member of [Optional]
setGroup
public void setGroup(java.lang.String group)
- Set the name (or names, seperated by commas) of the group that the user must be a member of [Optional]
getGroups
public java.lang.String[] getGroups()
- Get the names of the groups, at least one of which the user must be a member of [Optional]
setGroups
public void setGroups(java.lang.String[] groups)
- Set the names of the groups, at least one of which the user must be a member of [Optional]
getGroupType
public java.lang.String getGroupType()
- Get the name of the group type containing a group that the user must be a member of [Optional]
setGroupType
public void setGroupType(java.lang.String groupType)
- Set the name of the group type containing a group that the user must be a member of [Optional]
doStartTag
public int doStartTag()
throws javax.servlet.jsp.JspException
- Defer our checking until the end of this tag is encountered.
doEndTag
public int doEndTag()
throws javax.servlet.jsp.JspException
- Perform our logged-in user check by looking for the existence of
a session scope bean under the specified name, using
getUser. Control is forwarded usingforwardControl, based on whethergetUserreturns a User or null.
getLoggedOnUser
public static com.RuntimeCollective.webapps.bean.User getLoggedOnUser(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpSession session) throws javax.servlet.jsp.JspException
- Get the currently logged-on user from the given session.
This uses the "getUser" method of CheckLogonTag, or a subclass defined in web.xml as "checkLogonTag".
getUser
public static com.RuntimeCollective.webapps.bean.User getUser(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpSession session) throws javax.servlet.jsp.JspException
- Perform our logged-in user check by looking for the existence of
a session scope bean under the specified name. If this bean is not
present, check for a cookie called "LoginCookie.COOKIE_NAME".
If no such cookie exists, the current page is stored on the Session with
PutReturnURLOnSessionand control is forwarded to the specified logon page. If we find a user from a cookie, set it on the session withfoundUserFromCookie.
checkValid
public boolean checkValid(com.RuntimeCollective.webapps.bean.User user) throws javax.servlet.jsp.JspException
- If the group attribute is set, check the user is in the specified group.
Otherwise, if the groupType attribute is set, check the user is in at least one group of the given type.
Otherwise, if the role attribute is set, then check the user has the required role(s) by calling
checkRole().
putReturnURLOnSession
public static void putReturnURLOnSession(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpSession session)
- Put the return URL on the session
under "LoginCookie.RETURN_URL_NAME",
foundUserFromCookie
public static void foundUserFromCookie(com.RuntimeCollective.webapps.bean.User user, javax.servlet.http.HttpServletRequest request)
- This method is called when a user is found from a cookie.
It adds the user to the session.
foundUserFromAuthToken
public static void foundUserFromAuthToken(com.RuntimeCollective.webapps.bean.User user, javax.servlet.http.HttpServletRequest request)
- This method is called when a user is found from the auth token.
It adds the user to the session.
removeUserFromSession
public static void removeUserFromSession(com.RuntimeCollective.webapps.bean.User user, javax.servlet.http.HttpServletRequest request)
- Remove the user from the session.
forwardControl
public int forwardControl(boolean valid)
throws javax.servlet.jsp.JspException
- Continue to evaluate the page, or redirect to the login page
checkRole
protected boolean checkRole(java.lang.String role, com.RuntimeCollective.webapps.bean.User user)
- Check roles.
release
public void release()
- Release any acquired resources.
|
|||||||||
| Home >> All >> com >> RuntimeCollective >> webapps >> [ tag overview ] | PREV CLASS NEXT CLASS | ||||||||
|
SUMMARY: JAVADOC | SOURCE | DOWNLOAD | NESTED | FIELD | CONSTR | METHOD |
DETAIL: FIELD | CONSTR | METHOD | ||||||||