Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

atg.userprofiling
Class AccessControlServlet

java.lang.Object
  extended by atg.nucleus.logging.VariableArgumentApplicationLoggingImpl
      extended by atg.nucleus.GenericService
          extended by atg.nucleus.TimedOperationService
              extended by atg.servlet.pipeline.PipelineableServletImpl
                  extended by atg.userprofiling.AccessControlServlet
All Implemented Interfaces:
NameContextBindingListener, NameContextElement, NameResolver, AdminableService, ApplicationLogging, atg.nucleus.logging.ApplicationLoggingSender, atg.nucleus.logging.TraceApplicationLogging, VariableArgumentApplicationLogging, ComponentNameResolver, Service, ServiceListener, PipelineableServlet, java.util.EventListener, javax.servlet.Servlet
public class AccessControlServlet
extends PipelineableServletImpl

This pipeline servlet performs access control for a set of request URL paths, based on the Profile object associated with the request. The servlet is configured with a set of URL-to-AccessController mappings; if the URL being accessed is "guarded" by one of the AccessControllers, the request's Profile object is passed to the AccessController, which decides whether or not access should be allowed. If access is allowed, the request is passed on; if access is denied, the user is redirected to a specified deniedAccessURL.

This servlet comes with a list of AccessAllowedListeners and a list of AccessDeniedListeners, to allow logging or other functions to be performed when access is granted or denied.

See Also:
AccessController

Field Summary
static java.lang.String CLASS_VERSION
          Class version string
static java.lang.String NO_ACCESS_CONTROLLER
          Indicates the absence of an access controller in the path cache
 
Fields inherited from class atg.nucleus.GenericService
SERVICE_INFO_KEY
 
Fields inherited from interface atg.nucleus.logging.TraceApplicationLogging
DEFAULT_LOG_TRACE_STATUS
 
Fields inherited from interface atg.nucleus.logging.ApplicationLogging
DEFAULT_LOG_DEBUG_STATUS, DEFAULT_LOG_ERROR_STATUS, DEFAULT_LOG_INFO_STATUS, DEFAULT_LOG_WARNING_STATUS
 
Constructor Summary
AccessControlServlet()
           
 
Method Summary
 void addAccessAllowedListener(AccessAllowedListener pListener)
          Adds a listener to the list of "access allowed" listeners.
 void addAccessDeniedListener(AccessDeniedListener pListener)
          Adds a listener to the list of "access denied" listeners.
 void doStartService()
          Called after the service has been created, placed into the naming hierarchy, and initialized with its configured property values.
 int getAccessAllowedListenerCount()
          Returns the number of "access allowed" listeners.
 AccessAllowedListener[] getAccessAllowedListeners()
          Returns the array of "access allowed" listeners.
 AccessController getAccessController(atg.userprofiling.AccessControlServlet.ControllerArrayMember[] pControllerArray, java.lang.String pRequestPath)
          Returns the AccessController which should be used to perform access control for the given path.
 AccessController getAccessController(java.lang.String pRequestPath)
          Returns the AccessController which should be used to perform access control for the given path.
 ServiceMap getAccessControllers()
          Returns the AccessControllers used to control access to paths.
 int getAccessDeniedListenerCount()
          Returns the number of "access denied" listeners.
 AccessDeniedListener[] getAccessDeniedListeners()
          Returns the array of "access denied" listeners.
 boolean getCacheResults()
          Do we cache results when looking up AccessControllers?
 java.lang.String getDeniedAccessURL()
          Returns the default URL to redirect to if access is denied.
 boolean getIgnoreCaseInPath()
          Returns true if the case should be ignored when the path info is compared to an access controlled path, false otherwise.
 java.lang.String getProfilePath()
          Gets the Nucleus path of the Profile object.
 atg.servlet.VirtualContextRootService getVirtualContextRootService()
          Gets the VirtualContextRootService
 boolean isEnabled()
          Is access control enabled?
 boolean isUseContextPath()
          Get property UseContextPath
 void removeAccessAllowedListener(AccessAllowedListener pListener)
          Removes a listener from the list of "access allowed" listeners.
 void removeAccessDeniedListener(AccessDeniedListener pListener)
          Removes a listener from the list of "access denied" listeners.
 void sendAccessAllowedEvent(AccessAllowedEvent pEvent)
          Sends an "access allowed" event to all the "access allowed" listeners.
 void sendAccessDeniedEvent(AccessDeniedEvent pEvent)
          Sends an "access denied" event to all the "access denied" listeners.
 void service(DynamoHttpServletRequest pRequest, DynamoHttpServletResponse pResponse)
          Services a DynamoHttpServletRequest/Response pair.
 void setAccessControllers(ServiceMap pAccessControllers)
          Sets the AccessControllers used to control access to paths.
 void setCacheResults(boolean pCacheResults)
          Sets whether to cache results when looking up AccessControllers.
 void setDeniedAccessURL(java.lang.String pDeniedAccessURL)
          Sets the default URL to redirect to if access is denied.
 void setEnabled(boolean pEnabled)
          Sets whether or not access control is enabled.
 void setIgnoreCaseInPath(boolean pIgnoreCaseInPath)
          Sets the flag indicating whether case should be ignored when the path info is compared to an access controlled path.
 void setProfilePath(java.lang.String pProfilePath)
          Sets the Nucleus path of the Profile object.
 void setUseContextPath(boolean pUseContextPath)
          Set property UseContextPath
 void setVirtualContextRootService(atg.servlet.VirtualContextRootService pVirtualContextRootService)
          Sets the VirtualContextRootService
 
Methods inherited from class atg.servlet.pipeline.PipelineableServletImpl
createAdminServlet, destroy, getAdminServlet, getNextServlet, getServletConfig, getServletInfo, init, isUsePathInfo, passRequest, passRequest, service, service, setNextServlet, setServletInfo, setUsePathInfo
 
Methods inherited from class atg.nucleus.TimedOperationService
getAverageRequestHandlingTime, getHandledRequestCount, getRequestStartTime, getTotalRequestHandlingTime, isKeepingStatistics, notifyHandledRequest, resetStatistics, setKeepingStatistics
 
Methods inherited from class atg.nucleus.GenericService
addLogListener, doStopService, getAbsoluteName, getLoggingForVlogging, getLogListenerCount, getLogListeners, getName, getNameContext, getNucleus, getRoot, getServiceConfiguration, getServiceInfo, isLoggingDebug, isLoggingError, isLoggingInfo, isLoggingTrace, isLoggingWarning, isRunning, logDebug, logDebug, logDebug, logError, logError, logError, logInfo, logInfo, logInfo, logTrace, logTrace, logTrace, logWarning, logWarning, logWarning, nameContextElementBound, nameContextElementUnbound, removeLogListener, reResolveThis, resolveName, resolveName, resolveName, resolveName, sendLogEvent, setLoggingDebug, setLoggingError, setLoggingInfo, setLoggingTrace, setLoggingWarning, setNucleus, setServiceInfo, startService, stopService
 
Methods inherited from class atg.nucleus.logging.VariableArgumentApplicationLoggingImpl
vlogDebug, vlogDebug, vlogDebug, vlogDebug, vlogError, vlogError, vlogError, vlogError, vlogInfo, vlogInfo, vlogInfo, vlogInfo, vlogTrace, vlogTrace, vlogTrace, vlogTrace, vlogWarning, vlogWarning, vlogWarning, vlogWarning
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

CLASS_VERSION

public static java.lang.String CLASS_VERSION
Class version string

NO_ACCESS_CONTROLLER

public static final java.lang.String NO_ACCESS_CONTROLLER
Indicates the absence of an access controller in the path cache

See Also:
Constant Field Values
Constructor Detail

AccessControlServlet

public AccessControlServlet()
Method Detail

setUseContextPath

public void setUseContextPath(boolean pUseContextPath)
Set property UseContextPath

Parameters:
pUseContextPath - if true, use the request's context path as part of the access control path. Default is true

isUseContextPath

public boolean isUseContextPath()
Get property UseContextPath

Returns:
if true, use the request's context path as part of the access control path. Default is true

isEnabled

public boolean isEnabled()
Is access control enabled?

setEnabled

public void setEnabled(boolean pEnabled)
Sets whether or not access control is enabled.

getCacheResults

public boolean getCacheResults()
Do we cache results when looking up AccessControllers?

setCacheResults

public void setCacheResults(boolean pCacheResults)
Sets whether to cache results when looking up AccessControllers.

getProfilePath

public java.lang.String getProfilePath()
Gets the Nucleus path of the Profile object.

setProfilePath

public void setProfilePath(java.lang.String pProfilePath)
Sets the Nucleus path of the Profile object.

getAccessControllers

public ServiceMap getAccessControllers()
Returns the AccessControllers used to control access to paths. When a path is processed, the list of access controllers will be searched for the longest match between the access controller key and the requested path, and the corresponding controller will be used.

setAccessControllers

public void setAccessControllers(ServiceMap pAccessControllers)
Sets the AccessControllers used to control access to paths. When a path is processed, the list of access controllers will be searched for the longest match between the access controller key and the requested path, and the corresponding controller will be used.

getVirtualContextRootService

public atg.servlet.VirtualContextRootService getVirtualContextRootService()
Gets the VirtualContextRootService

setVirtualContextRootService

public void setVirtualContextRootService(atg.servlet.VirtualContextRootService pVirtualContextRootService)
Sets the VirtualContextRootService

getAccessController

public AccessController getAccessController(java.lang.String pRequestPath)
Returns the AccessController which should be used to perform access control for the given path.

getAccessController

public AccessController getAccessController(atg.userprofiling.AccessControlServlet.ControllerArrayMember[] pControllerArray,
                                            java.lang.String pRequestPath)
Returns the AccessController which should be used to perform access control for the given path.

Parameters:
pControllerArray - array of ControllerArrayMember
pRequestPath - request path
Returns:
AccessController if found, otherwise null

getIgnoreCaseInPath

public boolean getIgnoreCaseInPath()
Returns true if the case should be ignored when the path info is compared to an access controlled path, false otherwise.

setIgnoreCaseInPath

public void setIgnoreCaseInPath(boolean pIgnoreCaseInPath)
Sets the flag indicating whether case should be ignored when the path info is compared to an access controlled path.

addAccessAllowedListener

public void addAccessAllowedListener(AccessAllowedListener pListener)
Adds a listener to the list of "access allowed" listeners.

removeAccessAllowedListener

public void removeAccessAllowedListener(AccessAllowedListener pListener)
Removes a listener from the list of "access allowed" listeners.

getAccessAllowedListeners

public AccessAllowedListener[] getAccessAllowedListeners()
Returns the array of "access allowed" listeners.

getAccessAllowedListenerCount

public int getAccessAllowedListenerCount()
Returns the number of "access allowed" listeners.

sendAccessAllowedEvent

public void sendAccessAllowedEvent(AccessAllowedEvent pEvent)
Sends an "access allowed" event to all the "access allowed" listeners.

addAccessDeniedListener

public void addAccessDeniedListener(AccessDeniedListener pListener)
Adds a listener to the list of "access denied" listeners.

removeAccessDeniedListener

public void removeAccessDeniedListener(AccessDeniedListener pListener)
Removes a listener from the list of "access denied" listeners.

getAccessDeniedListeners

public AccessDeniedListener[] getAccessDeniedListeners()
Returns the array of "access denied" listeners.

getAccessDeniedListenerCount

public int getAccessDeniedListenerCount()
Returns the number of "access denied" listeners.

sendAccessDeniedEvent

public void sendAccessDeniedEvent(AccessDeniedEvent pEvent)
Sends an "access denied" event to all the "access denied" listeners.

getDeniedAccessURL

public java.lang.String getDeniedAccessURL()
Returns the default URL to redirect to if access is denied. If an AccessController does not specify its own deniedAccessURL, this default one is used.

setDeniedAccessURL

public void setDeniedAccessURL(java.lang.String pDeniedAccessURL)
Sets the default URL to redirect to if access is denied. If an AccessController does not specify its own deniedAccessURL, this default one is used.

service

public void service(DynamoHttpServletRequest pRequest,
                    DynamoHttpServletResponse pResponse)
             throws java.io.IOException,
                    javax.servlet.ServletException
Services a DynamoHttpServletRequest/Response pair.

Overrides:
service in class PipelineableServletImpl
Throws:
javax.servlet.ServletException - if an error occurred while processing the servlet request
java.io.IOException - if an error occurred while reading or writing the servlet request

doStartService

public void doStartService()
                    throws ServiceException
Called after the service has been created, placed into the naming hierarchy, and initialized with its configured property values. Makes sure all the required properties have been set in the .properties file.

Overrides:
doStartService in class GenericService
Throws:
ServiceException - if the service had a problem starting up
Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD