atg.servlet.security
Class PathSecurityDomain

java.lang.Object
  atg.security.GenericSecurityDomain
      atg.servlet.security.PathSecurityDomain

All Implemented Interfaces:

SecurityDomain, java.io.Serializable

public class PathSecurityDomain
extends GenericSecurityDomain

See Also:

Serialized Form

Field Summary

static java.lang.String

CLASS_VERSION Class Version String

Constructor Summary

PathSecurityDomain()

Method Summary

SecuredResource	createResourceAsUser(User pUser, java.lang.Object pObject, java.lang.Object pResourceKey, AccessControlEntry[] pInitialAcl) Creates a new SecuredResource object, with the specified key, for the specified object using the specified resource key, using the specified user ID.
boolean	getCacheResults() Do we cache results when looking up SecuredResources?
java.lang.String[]	getKeys() Returns List of keys sorted by length
SecuredResource	getResource(java.lang.Object pResourceKey) Returns the resource with the given key, or null if it's not a known resource.
java.util.Enumeration	getResources() Returns an enumeration of SecuredResource objects that are managed by the security domain.
ServiceMap	getSecuredResources() Returns A list of resources protected by this SecurityDomain
boolean	hasAccess(User pUser, AccessRight pDesiredAccess, java.lang.Object pResourceKey) Checks the access permissions on a resource for the indicated user.
boolean	isEnabled() Returns Is this servlet enabled inside of the pipline?
void	setCacheResults(boolean pCacheResults) Sets whether to cache results when looking up SecuredResources.
void	setEnabled(boolean pEnabled) Sets Is this servlet enabled inside of the pipline?
void	setSecuredResources(ServiceMap pSecuredResources) Sets A list of resources protected by this SecurityDomain

Methods inherited from class atg.security.GenericSecurityDomain

addAccessAllowedListener, addAccessDeniedListener, addAccessRight, createResource, fireAccessAllowedEvent, fireAccessDeniedEvent, fireAccessEvent, getAccessRights, getCreationRightsAttribute, getDefaultAcl, getSecurityDomainDescription, getSecurityDomainName, getUserAuthority, hasAccess, hasAccessRight, hasAccessRight, hasAccessRight, hasAccessRight, isRightInPersonae, removeAccessAllowedListener, removeAccessDeniedListener, removeAccessRight, setAccessRights, setCreationRightsAttribute, setInitialAcl, setSecurityDomainDescription, setSecurityDomainName, setUserAuthority

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

CLASS_VERSION

public static java.lang.String CLASS_VERSION

Class Version String

Constructor Detail

PathSecurityDomain

public PathSecurityDomain()

Method Detail

getCacheResults

public boolean getCacheResults()

Do we cache results when looking up SecuredResources?

setCacheResults

public void setCacheResults(boolean pCacheResults)

Sets whether to cache results when looking up SecuredResources.

getKeys

public java.lang.String[] getKeys()

Returns List of keys sorted by length

setEnabled

public void setEnabled(boolean pEnabled)

Sets Is this servlet enabled inside of the pipline?

isEnabled

public boolean isEnabled()

Returns Is this servlet enabled inside of the pipline?

setSecuredResources

public void setSecuredResources(ServiceMap pSecuredResources)

Sets A list of resources protected by this SecurityDomain

getSecuredResources

public ServiceMap getSecuredResources()

Returns A list of resources protected by this SecurityDomain

getResource

public SecuredResource getResource(java.lang.Object pResourceKey)
                            throws InvalidResourceException,
                                   PermissionDeniedException

Returns the resource with the given key, or null if it's not a known resource.

Throws:

InvalidResourceException

PermissionDeniedException

getResources

public java.util.Enumeration getResources()
                                   throws PermissionDeniedException

Returns an enumeration of SecuredResource objects that are managed by the security domain. This is useful for browsing, which we will not be doing in the particular implementation, but here it is anyways. Ha!

Throws:

PermissionDeniedException

hasAccess

public boolean hasAccess(User pUser,
                         AccessRight pDesiredAccess,
                         java.lang.Object pResourceKey)
                  throws InvalidResourceException,
                         InvalidAccessRightException

Checks the access permissions on a resource for the indicated user.

Specified by:

hasAccess in interface SecurityDomain

Overrides:

hasAccess in class GenericSecurityDomain

Parameters:

user - The user attempting access.

desiredAccess - The access that is desired.

resourceKey - The key used to look up the resource to access.

Returns:

True if access is allowed, false if not.

Throws:

InvalidResourceException

InvalidAccessRightException

createResourceAsUser

public SecuredResource createResourceAsUser(User pUser,
                                            java.lang.Object pObject,
                                            java.lang.Object pResourceKey,
                                            AccessControlEntry[] pInitialAcl)
                                     throws InvalidResourceException,
                                            InvalidAccessControlEntryException,
                                            PermissionDeniedException

Creates a new SecuredResource object, with the specified key, for the specified object using the specified resource key, using the specified user ID. An optional access control list may be specified.

Parameters:

pUser - The user security object.

pObject - The object to be assigned a SecuredResource object.

pResourceKey - The key to use for the SecuredResource object.

pInitialAcl - The access control list to assign to the SecuredResource object on creation. If null, the security domain will use a reasonable default.

Throws:

InvalidResourceException

InvalidAccessControlEntryException

PermissionDeniedException