Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

atg.servlet.security
Class SecurityAccessor

java.lang.Object
  extended by atg.nucleus.logging.VariableArgumentApplicationLoggingImpl
      extended by atg.nucleus.GenericService
          extended by atg.nucleus.TimedOperationService
              extended by atg.nucleus.servlet.ServletService
                  extended by atg.nucleus.servlet.HttpServletService
                      extended by atg.servlet.DynamoServlet
                          extended by atg.servlet.security.SecurityAccessor
All Implemented Interfaces:
atg.naming.AbsoluteNameable, NameContextBindingListener, NameContextElement, atg.naming.NameContextParentable, NameResolver, AdminableService, atg.nucleus.Configured, ApplicationLogging, atg.nucleus.logging.ApplicationLoggingSender, atg.nucleus.logging.TraceApplicationLogging, VariableArgumentApplicationLogging, ComponentNameResolver, Service, ServiceListener, ParameterServlet, java.util.EventListener, javax.servlet.Servlet
public class SecurityAccessor
extends DynamoServlet

The SecurityAccessor conditionally renders its oparameter based on the value of allowGroup, denyGroup parameter.

allowGroups
Names of a groups to which the current session's user must belong to in order to render the approprite html.
The value of "allowGroups" is converted into a list of strings and that list is then checked against Personae which the current session's user carries.
denyGroups
Names of a groups to which the current session's user must not belong to in order to render the approprite html.
The value of "denyGroups" is converted into a list of strings and that list is then checked against Personae which the current session's user carries.
If the the user does not belong to any of the denyGroups and is in one of the allowGroups, then the output param accessGranted rendered, otherwise accessDenied is rendered.
Example:

Field Summary
static ParameterName ALLOW_GROUPS
           
static ParameterName ALLOWED
           
static java.lang.String CLASS_VERSION
           
static ParameterName DENIED
           
static ParameterName DENY_GROUPS
           
 
Fields inherited from class atg.servlet.DynamoServlet
mAllowCleanupRequest, mParameters
 
Fields inherited from class atg.nucleus.servlet.ServletService
SERVLET_INFO_KEY
 
Fields inherited from class atg.nucleus.GenericService
SERVICE_INFO_KEY
 
Fields inherited from interface atg.nucleus.logging.TraceApplicationLogging
DEFAULT_LOG_TRACE_STATUS
 
Fields inherited from interface atg.nucleus.logging.ApplicationLogging
DEFAULT_LOG_DEBUG_STATUS, DEFAULT_LOG_ERROR_STATUS, DEFAULT_LOG_INFO_STATUS, DEFAULT_LOG_WARNING_STATUS
 
Constructor Summary
SecurityAccessor()
           
 
Method Summary
 UserAuthority getUserAuthority()
          Returns User Authority that consult the validity of the user
 UserLoginManager getUserManager()
          Returns User Manager to get the top level Persona from
protected  java.lang.String[] parameterToStringArray(DynamoHttpServletRequest pRequest, ParameterName pName)
          Given a paramter name, it converts the parameter's value into a string array separated by SEPARATOR
 void service(DynamoHttpServletRequest pRequest, DynamoHttpServletResponse pResponse)
          Render the Security Accessor
 void setUserAuthority(UserAuthority pUserAuthority)
          Sets User Authority that consults the validity of the user
 void setUserManager(UserLoginManager pUserManager)
          Sets User Manager to get the top level Persona from
 
Methods inherited from class atg.servlet.DynamoServlet
doDelete, doGet, doPost, doPut, getParameter, getParameters, getServletContext, init, service, service, setParameter
 
Methods inherited from class atg.nucleus.servlet.ServletService
destroy, getServletConfig, getServletInfo, setServletInfo
 
Methods inherited from class atg.nucleus.TimedOperationService
getAverageRequestHandlingTime, getHandledRequestCount, getRequestStartTime, getTotalRequestHandlingTime, isKeepingStatistics, notifyHandledRequest, resetStatistics, setKeepingStatistics
 
Methods inherited from class atg.nucleus.GenericService
addLogListener, createAdminServlet, doStartService, doStopService, getAbsoluteName, getAdminServlet, getAdminServletOutputStreamEncoding, getLoggingForVlogging, getLogListenerCount, getLogListeners, getName, getNameContext, getNucleus, getRoot, getServiceConfiguration, getServiceInfo, isAdminServletUseServletOutputStream, isLoggingDebug, isLoggingError, isLoggingInfo, isLoggingTrace, isLoggingWarning, isRunning, logDebug, logDebug, logDebug, logError, logError, logError, logInfo, logInfo, logInfo, logTrace, logTrace, logTrace, logWarning, logWarning, logWarning, nameContextElementBound, nameContextElementUnbound, removeLogListener, reResolveThis, resolveName, resolveName, resolveName, resolveName, sendLogEvent, setAdminServletOutputStreamEncoding, setAdminServletUseServletOutputStream, setLoggingDebug, setLoggingError, setLoggingInfo, setLoggingTrace, setLoggingWarning, setNucleus, setServiceInfo, startService, stopService
 
Methods inherited from class atg.nucleus.logging.VariableArgumentApplicationLoggingImpl
vlogDebug, vlogDebug, vlogDebug, vlogDebug, vlogDebugTrace, vlogError, vlogError, vlogError, vlogError, vlogInfo, vlogInfo, vlogInfo, vlogInfo, vlogTrace, vlogTrace, vlogTrace, vlogTrace, vlogWarning, vlogWarning, vlogWarning, vlogWarning
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

CLASS_VERSION

public static java.lang.String CLASS_VERSION

ALLOW_GROUPS

public static final ParameterName ALLOW_GROUPS

DENY_GROUPS

public static final ParameterName DENY_GROUPS

ALLOWED

public static final ParameterName ALLOWED

DENIED

public static final ParameterName DENIED
Constructor Detail

SecurityAccessor

public SecurityAccessor()
Method Detail

setUserAuthority

public void setUserAuthority(UserAuthority pUserAuthority)
Sets User Authority that consults the validity of the user

getUserAuthority

public UserAuthority getUserAuthority()
Returns User Authority that consult the validity of the user

setUserManager

public void setUserManager(UserLoginManager pUserManager)
Sets User Manager to get the top level Persona from

getUserManager

public UserLoginManager getUserManager()
Returns User Manager to get the top level Persona from

service

public void service(DynamoHttpServletRequest pRequest,
                    DynamoHttpServletResponse pResponse)
             throws javax.servlet.ServletException,
                    java.io.IOException
Render the Security Accessor

Overrides:
service in class DynamoServlet
Parameters:
pRequest - the request to be processed
pResponse - the response object for this request
Throws:
javax.servlet.ServletException - an application specific error occurred processing this request
java.io.IOException - an error occurred reading data from the request or writing data to the response.

parameterToStringArray

protected java.lang.String[] parameterToStringArray(DynamoHttpServletRequest pRequest,
                                                    ParameterName pName)
Given a paramter name, it converts the parameter's value into a string array separated by SEPARATOR

Parameters:
pRequest - is the current request associated with the given session
pName - is the name of the parameter whose value will be returned as a string array
Returns:
the value of pName as an array
Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD