The atg.userprofiling.AccessControlService class performs the same function as AccessControlServlet, except that it only affects ATG Campaign Optimizer. For more information on the AccessControlServlet, see the Access Control section of the Working with User Profiles chapter of the ATG Personalization Programming Guide.
The AccessControlService component is located in the /atg/userprofiling/ directory when you run with the management module. It defines the following properties:
Property | Description |
|---|---|
The nucleus path where the profile object lives. By default, this value refers to the | |
A Boolean value that determines whether to perform access control. The default value is | |
Registers
The first entry allows anyone to access the login page, so they can log in. The next two entries allow anyone to access images or HTML style sheets because these are needed for the login page. The last entry means for all other ABTest pages, we make sure the user is logged in before we allow access. | |
The URL to which a user is redirected if access to an ATG Campaign Optimizer page is denied. The default value is |
Reconfigure the AccessControlService or the LoggedInAccessController component if you want to limit access to the ATG Campaign Optimizer user interface to a group of users.
The atg.filter.AccessControlFilter class is a J2EE filter class that defines the accessControlServicePath. It also has a handleDoFilter method that calls the AccessControlService.
The management module Web application’s web.xml file defines the following:
<filter> <filter-name>AccessControlFilter</filter-name> <filter-class>atg.filter.AccessControlFilter</filter-class> <init-param> <param-name>loggingDebug</param-name> <param-value>false</param-value> </init-param> <init-param> <param-name>loggingWarning</param-name> <param-value>true</param-value> </init-param> <init-param> <param-name>loggingError</param-name> <param-value>true</param-value> </init-param> <init-param> <param-name>loggingInfo</param-name> <param-value>false</param-value> </init-param> <init-param> <param-name>accessControlServicePath</param-name> <param-value>/atg/userprofiling/AccessControlService</param-value> </init-param> </filter> <filter-mapping> <filter-name>AccessControlFilter</filter-name> <url-pattern>*.jsp</url-pattern> </filter-mapping>
The filter configuration registers the filter with the web application and defines its properties including the accessControlServicePath.
The logging properties can be configured to see debug output, etc.
The filter-mapping configuration tells the application to run the AccessControlFilter every time a page that ends in .jsp is accessed. Every time the user tries to access a page in the ATG Campaign Optimizer user interface, the AccessControlFilter calling the AccessControlService will allow or deny access.
