Overview  Package   Class  Tree  Deprecated  Index  Help 
Oracle Fusion Middleware
Java API Reference for Oracle PDK Java
11g Release 1 (11.1.1)
E10691-01
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

oracle.portal.provider.v2.security
Class DenyAllSecurityManager

java.lang.Object
  extended by oracle.portal.provider.v2.security.PortletSecurityManager
      extended by oracle.portal.provider.v2.security.DenyAllSecurityManager

public class DenyAllSecurityManager
extends PortletSecurityManager

DenyAllSecurityManager is a simple security manager that always denys access regardless of the user or portlet instance. This can be used to test security features or make a portlet temporarily inaccessible to all users.

Constructor Summary
DenyAllSecurityManager()
           
 
Method Summary
 boolean hasAccess(PortletReference ref, ProviderUser user)
          Verifies whether the user is authorized to use this particular portlet instance.
 boolean hasAccess(ProviderInstance pi, PortletDefinition p, ProviderUser user)
          Verifies whether the user is authorized to use this Portlet.
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

DenyAllSecurityManager

public DenyAllSecurityManager()
Method Detail

hasAccess

public boolean hasAccess(ProviderInstance pi,
                         PortletDefinition p,
                         ProviderUser user)
Verifies whether the user is authorized to use this Portlet. That is does this user have the necessary privileges to create, get, copy, and destroy instances of this Portlet. This implementation always returns false and effectively denys access to all users. This security manager can be used to temporarily hide a portlet

Specified by:
hasAccess in class PortletSecurityManager
Parameters:
pi - the provider instance from which the portlet is being accessed.
p - the definition of the portlet which we want to authorize access to.
user - the current user we are being asked to authorize.
Returns:
false (denys access to all users for all portlets)

hasAccess

public boolean hasAccess(PortletReference ref,
                         ProviderUser user)
                  throws PortletNotFoundException
Verifies whether the user is authorized to use this particular portlet instance. Generally, this check will only be made of the default instance as it is assumed you cannot be denied access to the default while having access to the customized instance, and in turn must always have access to your customized version if you have access to the default. However, if asked to authorize a particular instance the PortletNotFoundException should be thrown if that instance doesn't exist (even if the default does). This implementation always returns false and effectively denys access to all users. This security manager can be used to temporarily hide a portlet

Specified by:
hasAccess in class PortletSecurityManager
Parameters:
ref - portlet reference
user - the current user we are being asked to authorize.
Returns:
always (denys access to all users for all portlet instances)
Throws:
PortletNotFoundException
Overview  Package   Class  Tree  Deprecated  Index  Help 
Oracle Fusion Middleware
Java API Reference for Oracle PDK Java
11g Release 1 (11.1.1)
E10691-01
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright (c) 1999, 2009, Oracle and/or its affiliates. All rights reserved.