com.bea.security.entitlements.admin.beans
Class SecurityBean

java.lang.Object
  extended bycom.bea.security.entitlements.admin.beans.SecurityBean

public class SecurityBean
extends java.lang.Object

SecurityBean provides hooks for authorization checks. These hooks append resource information that provides the context in which the resource resides. For example the canViewResource methods appends the componentId to the end of the resource : /


Field Summary
static java.lang.String ASI_QUERY_RESOURCE_DENIED
           
static java.lang.String ASI_QUERY_RESOURCE_GRANTED
           
 
Constructor Summary
SecurityBean()
          Default Constructor - loads application configuration, initializes policy services such as authentication service and authorization service
 
Method Summary
 boolean canViewResource(java.lang.String componentId)
          For the current selected node, does the logged user have privilege to view component
 boolean isAccessAllowed(java.lang.String action, java.lang.String res)
          Authorization call for given resource and action
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

ASI_QUERY_RESOURCE_DENIED

public static final java.lang.String ASI_QUERY_RESOURCE_DENIED
See Also:
Constant Field Values

ASI_QUERY_RESOURCE_GRANTED

public static final java.lang.String ASI_QUERY_RESOURCE_GRANTED
See Also:
Constant Field Values
Constructor Detail

SecurityBean

public SecurityBean()
Default Constructor - loads application configuration, initializes policy services such as authentication service and authorization service

Method Detail

canViewResource

public boolean canViewResource(java.lang.String componentId)
For the current selected node, does the logged user have privilege to view component

Parameters:
componentId - could be of type, Role, pSet or report.
Returns:
true if allowes, false otherwise

isAccessAllowed

public boolean isAccessAllowed(java.lang.String action,
                               java.lang.String res)
Authorization call for given resource and action

Parameters:
action - requested action such as view / create etc
res - on resource such as Role, permission or metaobjects
Returns:
true if authorized, false otherwise


Copyright © 2007 BEA Systems Inc. All Rights Reserved.