Docjar: A Java Source and Docuemnt Enginecom.*    java.*    javax.*    org.*    all    new    plug-in

Quick Search    Search Deep
Overview  Package   Class  Use  Deprecated  Index 
Home >> All >> org >> acegisecurity >> acl >> [ basic overview ]  PREV CLASS  NEXT CLASS
SUMMARY: JavaDoc of org.acegisecurity.acl.basic.BasicAclProvider JAVADOC | Sourc code of org.acegisecurity.acl.basic.BasicAclProvider SOURCE | Download org.acegisecurity.acl.basic.BasicAclProvider DOWNLOAD | NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.acegisecurity.acl.basic
Class BasicAclProvider  view BasicAclProvider download BasicAclProvider.java

java.lang.Object
  extended byorg.acegisecurity.acl.basic.BasicAclProvider
All Implemented Interfaces:
org.acegisecurity.acl.AclProvider, org.springframework.beans.factory.InitializingBean
public class BasicAclProvider
extends java.lang.Object
implements org.acegisecurity.acl.AclProvider, org.springframework.beans.factory.InitializingBean

Retrieves access control lists (ACL) entries for domain object instances from a data access object (DAO).

This implementation will provide ACL lookup services for any object that it can determine the AclObjectIdentity for by calling the obtainIdentity(Object) 55 method. Subclasses can override this method if they only want the BasicAclProvider responding to particular domain object instances.

BasicAclProvider will walk an inheritance hierarchy if a BasicAclEntry returned by the DAO indicates it has a parent. NB: inheritance occurs at a domain instance object level. It does not occur at an ACL recipient level. This means allBasicAclEntrys for a given domain instance object must have the same parent identity, or allBasicAclEntrys must have null as their parent identity.

A cache should be used. This is provided by the BasicAclEntryCache. BasicAclProvider by default is setup to use the org.acegisecurity.acl.basic.cache.NullAclEntryCache, which performs no caching.

To implement the getAcls(Object, Authentication) 55 method, BasicAclProvider requires a EffectiveAclsResolver to be configured against it. By default the GrantedAuthorityEffectiveAclsResolver is used.

Version:
$Id: BasicAclProvider.java,v 1.5 2005/11/17 00:55:47 benalex Exp $

Field Summary
private  BasicAclDao basicAclDao
          Must be set to an appropriate data access object.
private  BasicAclEntryCache basicAclEntryCache
           
private  java.lang.Class defaultAclObjectIdentityClass
           
private  EffectiveAclsResolver effectiveAclsResolver
           
private static org.apache.commons.logging.Log logger
           
private static java.lang.String RECIPIENT_FOR_CACHE_EMPTY
          Marker added to the cache to indicate an AclObjectIdentity has no corresponding BasicAclEntry[]s
private  java.lang.Class restrictSupportToClass
           
 
Constructor Summary
BasicAclProvider()
           
 
Method Summary
 void afterPropertiesSet()
          Invoked by a BeanFactory after it has set all bean properties supplied (and satisfied BeanFactoryAware and ApplicationContextAware).
 org.acegisecurity.acl.AclEntry[] getAcls(java.lang.Object domainInstance)
          Obtains the ACLs that apply to the specified domain instance.
 org.acegisecurity.acl.AclEntry[] getAcls(java.lang.Object domainInstance, org.acegisecurity.Authentication authentication)
          Obtains the ACLs that apply to the specified domain instance and presented Authentication object.
 BasicAclDao getBasicAclDao()
           
 BasicAclEntryCache getBasicAclEntryCache()
           
 java.lang.Class getDefaultAclObjectIdentityClass()
           
 EffectiveAclsResolver getEffectiveAclsResolver()
           
 java.lang.Class getRestrictSupportToClass()
           
private  BasicAclEntry[] lookup(AclObjectIdentity aclObjectIdentity)
           
protected  AclObjectIdentity obtainIdentity(java.lang.Object domainInstance)
          This method looks up the AclObjectIdentity of a passed domain object instance.
 void setBasicAclDao(BasicAclDao basicAclDao)
           
 void setBasicAclEntryCache(BasicAclEntryCache basicAclEntryCache)
           
 void setDefaultAclObjectIdentityClass(java.lang.Class defaultAclObjectIdentityClass)
          Allows selection of the AclObjectIdentity class that an attempt should be made to construct if the passed object does not implement AclObjectIdentityAware.
 void setEffectiveAclsResolver(EffectiveAclsResolver effectiveAclsResolver)
           
 void setRestrictSupportToClass(java.lang.Class restrictSupportToClass)
          If set to a value other than null, the supports(Object) 55 method will only support the indicates class.
 boolean supports(java.lang.Object domainInstance)
          Indicates support for the passed object.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

logger

private static final org.apache.commons.logging.Log logger

RECIPIENT_FOR_CACHE_EMPTY

private static java.lang.String RECIPIENT_FOR_CACHE_EMPTY
Marker added to the cache to indicate an AclObjectIdentity has no corresponding BasicAclEntry[]s

basicAclDao

private BasicAclDao basicAclDao
Must be set to an appropriate data access object. Defaults to null.

basicAclEntryCache

private BasicAclEntryCache basicAclEntryCache

defaultAclObjectIdentityClass

private java.lang.Class defaultAclObjectIdentityClass

restrictSupportToClass

private java.lang.Class restrictSupportToClass

effectiveAclsResolver

private EffectiveAclsResolver effectiveAclsResolver
Constructor Detail

BasicAclProvider

public BasicAclProvider()
Method Detail

getAcls

public org.acegisecurity.acl.AclEntry[] getAcls(java.lang.Object domainInstance)
Description copied from interface: org.acegisecurity.acl.AclProvider
Obtains the ACLs that apply to the specified domain instance.

Will never be called unless the AclProvider.supports(Object)>AclProvider.supports(Object) 55 method returned true.

Specified by:
getAcls in interface org.acegisecurity.acl.AclProvider

getAcls

public org.acegisecurity.acl.AclEntry[] getAcls(java.lang.Object domainInstance,
                                                org.acegisecurity.Authentication authentication)
Description copied from interface: org.acegisecurity.acl.AclProvider
Obtains the ACLs that apply to the specified domain instance and presented Authentication object.

Will never be called unless the AclProvider.supports(Object)>AclProvider.supports(Object) 55 method returned true.

Specified by:
getAcls in interface org.acegisecurity.acl.AclProvider

setBasicAclDao

public void setBasicAclDao(BasicAclDao basicAclDao)

getBasicAclDao

public BasicAclDao getBasicAclDao()

setBasicAclEntryCache

public void setBasicAclEntryCache(BasicAclEntryCache basicAclEntryCache)

getBasicAclEntryCache

public BasicAclEntryCache getBasicAclEntryCache()

setDefaultAclObjectIdentityClass

public void setDefaultAclObjectIdentityClass(java.lang.Class defaultAclObjectIdentityClass)
Allows selection of the AclObjectIdentity class that an attempt should be made to construct if the passed object does not implement AclObjectIdentityAware.

NB: Any defaultAclObjectIdentityClassmust provide a public constructor that accepts an Object. Otherwise it is not possible for the BasicAclProvider to try to create the AclObjectIdentity instance at runtime.

getDefaultAclObjectIdentityClass

public java.lang.Class getDefaultAclObjectIdentityClass()

setEffectiveAclsResolver

public void setEffectiveAclsResolver(EffectiveAclsResolver effectiveAclsResolver)

getEffectiveAclsResolver

public EffectiveAclsResolver getEffectiveAclsResolver()

setRestrictSupportToClass

public void setRestrictSupportToClass(java.lang.Class restrictSupportToClass)
If set to a value other than null, the supports(Object) 55 method will only support the indicates class. This is useful if you wish to wire multiple BasicAclProviders in a list of AclProviderManager.providers but only have particular instances respond to particular domain object types.

getRestrictSupportToClass

public java.lang.Class getRestrictSupportToClass()

afterPropertiesSet

public void afterPropertiesSet()
Description copied from interface: org.springframework.beans.factory.InitializingBean
Invoked by a BeanFactory after it has set all bean properties supplied (and satisfied BeanFactoryAware and ApplicationContextAware).

This method allows the bean instance to perform initialization only possible when all bean properties have been set and to throw an exception in the event of misconfiguration.

Specified by:
afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean

supports

public boolean supports(java.lang.Object domainInstance)
Indicates support for the passed object.

An object will only be supported if it (i) is allowed to be supported as defined by the setRestrictSupportToClass(Class) 55 method, and (ii) if an AclObjectIdentity is returned by obtainIdentity(Object) 55 for that object.

Specified by:
supports in interface org.acegisecurity.acl.AclProvider

obtainIdentity

protected AclObjectIdentity obtainIdentity(java.lang.Object domainInstance)
This method looks up the AclObjectIdentity of a passed domain object instance.

This implementation attempts to obtain the AclObjectIdentity via reflection inspection of the class for the AclObjectIdentityAware interface. If this fails, an attempt is made to construct a getDefaultAclObjectIdentityClass() 55 object by passing the domain instance object into its constructor.

lookup

private BasicAclEntry[] lookup(AclObjectIdentity aclObjectIdentity)
Overview  Package   Class  Use  Deprecated  Index 
Home >> All >> org >> acegisecurity >> acl >> [ basic overview ]  PREV CLASS  NEXT CLASS
SUMMARY: JavaDoc of org.acegisecurity.acl.basic.BasicAclProvider JAVADOC | Sourc code of org.acegisecurity.acl.basic.BasicAclProvider SOURCE | Download org.acegisecurity.acl.basic.BasicAclProvider DOWNLOAD | NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD