Docjar: A Java Source and Docuemnt Enginecom.*    java.*    javax.*    org.*    all    new    plug-in

Quick Search    Search Deep
Home >> All >> jreceiver >> client >> common >> [ taglibs Javadoc ]

Source code: jreceiver/client/common/taglibs/RoleAuthIsAuthorizedTag.java


1   /* $Header: /cvsroot/jreceiver/jreceiver/src/jreceiver/client/common/taglibs/RoleAuthIsAuthorizedTag.java,v 1.2 2002/12/29 00:44:07 reedesau Exp $ */
2   
3   package jreceiver.client.common.taglibs;
4   
5   import javax.servlet.http.*;
6   import javax.servlet.jsp.*;
7   import javax.servlet.jsp.tagext.*;
8   
9   //import org.apache.commons.logging.*;
10  
11  import jreceiver.common.rpc.RpcException;
12  import jreceiver.client.common.RoleAuthBean;
13  
14  
15  /**
16   * JSP Tag <b>isAuthorized</b>, used to determine whether
17   * the user has authorization to access the handler/method.
18   * <p>
19   * Example usage:
20   * <p>
21   * <pre>
22   * &lt;jrclient:isAuthorized handler="Playlists" method="getRecs"&gt;
23   *     &lt;b&gt;Do I have access?&lt;/b&gt;
24   * &lt;/jrclient:isAuthorized&gt;
25   * </pre>
26   *
27   * TODO: should the user be cached in the RoleAuthBean???
28   *
29   * Adapted from JSTL's Request tag.
30   */
31  public class RoleAuthIsAuthorizedTag extends TagSupport {
32  
33      /**
34       * test whether the user (in session) is in the specified role
35       */
36      public static boolean isAuthorized(PageContext pageContext, String handler_name, String method_name) throws RpcException {
37          HttpServletRequest req = (HttpServletRequest)pageContext.getRequest();
38  
39          HttpSession session = req.getSession();
40  
41          RoleAuthBean bean = (RoleAuthBean)session.getAttribute(RoleAuthBean.ROLE_AUTH_KEY);
42  
43          return bean != null && bean.isAuthorized(handler_name, method_name);
44      }
45  
46      /**
47       * Determines whether remote user is in a role.
48       *
49       * @return SKIP_BODY if user_in_role doesn't match value, EVAL_BODY_include if user_in_role matches value
50       */
51      public final int doStartTag() throws JspException {
52          try {
53              return(isAuthorized(pageContext, m_handler_name, m_method_name)
54                     ? EVAL_BODY_INCLUDE
55                     : SKIP_BODY);
56          }
57          catch (RpcException e) {
58              throw new JspException("rpc-problem determining authorization", e);
59          }
60      }
61  
62      /**
63       */
64      public final void setHandler(String handler_name) {
65          m_handler_name = handler_name;
66      }
67  
68      /**
69       */
70      public final void setMethod(String method_name) {
71          m_method_name = method_name;
72      }
73  
74      private String m_handler_name = null;
75      private String m_method_name  = null;
76  
77  
78      /**
79      * logging sink
80      */
81      //protected static Log log = LogFactory.getLog(RoleAuthIsAuthorizedTag.class);
82  }