AccessControlServlet (ATG Java API)

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

atg.userprofiling
Class AccessControlServlet

java.lang.Object
  atg.nucleus.logging.VariableArgumentApplicationLoggingImpl
      atg.nucleus.GenericService
          atg.nucleus.TimedOperationService
              atg.servlet.pipeline.PipelineableServletImpl
                  atg.userprofiling.AccessControlServlet

All Implemented Interfaces:: NameContextBindingListener, NameContextElement, NameResolver, AdminableService, ApplicationLogging, atg.nucleus.logging.ApplicationLoggingSender, atg.nucleus.logging.TraceApplicationLogging, atg.nucleus.logging.VariableArgumentApplicationLogging, ComponentNameResolver, Service, ServiceListener, PipelineableServlet, java.util.EventListener, javax.servlet.Servlet

public class AccessControlServlet
extends PipelineableServletImpl
extends PipelineableServletImpl

This pipeline servlet performs access control for a set of request URL paths, based on the Profile object associated with the request. The servlet is configured with a set of URL-to-AccessController mappings; if the URL being accessed is "guarded" by one of the AccessControllers, the request's Profile object is passed to the AccessController, which decides whether or not access should be allowed. If access is allowed, the request is passed on; if access is denied, the user is redirected to a specified deniedAccessURL.

This servlet comes with a list of AccessAllowedListeners and a list of AccessDeniedListeners, to allow logging or other functions to be performed when access is granted or denied.

See Also:: AccessController

Field Summary
`static java.lang.String`	`CLASS_VERSION` Class version string
`static java.lang.String`	`NO_ACCESS_CONTROLLER` Indicates the absence of an access controller in the path cache

Fields inherited from class atg.nucleus.GenericService
`SERVICE_INFO_KEY`

Fields inherited from interface atg.nucleus.logging.TraceApplicationLogging
`DEFAULT_LOG_TRACE_STATUS`

Fields inherited from interface atg.nucleus.logging.ApplicationLogging
`DEFAULT_LOG_DEBUG_STATUS, DEFAULT_LOG_ERROR_STATUS, DEFAULT_LOG_INFO_STATUS, DEFAULT_LOG_WARNING_STATUS`

Constructor Summary
`AccessControlServlet()`

Method Summary
`void`	`addAccessAllowedListener(AccessAllowedListener pListener)` Adds a listener to the list of "access allowed" listeners.
`void`	`addAccessDeniedListener(AccessDeniedListener pListener)` Adds a listener to the list of "access denied" listeners.
`void`	`doStartService()` Called after the service has been created, placed into the naming hierarchy, and initialized with its configured property values.
`int`	`getAccessAllowedListenerCount()` Returns the number of "access allowed" listeners.
`AccessAllowedListener[]`	`getAccessAllowedListeners()` Returns the array of "access allowed" listeners.
`AccessController`	`getAccessController(java.lang.String pRequestPath)` Returns the AccessController which should be used to perform access control for the given path.
`ServiceMap`	`getAccessControllers()` Returns the AccessControllers used to control access to paths.
`int`	`getAccessDeniedListenerCount()` Returns the number of "access denied" listeners.
`AccessDeniedListener[]`	`getAccessDeniedListeners()` Returns the array of "access denied" listeners.
`boolean`	`getCacheResults()` Do we cache results when looking up AccessControllers?
`java.lang.String`	`getDeniedAccessURL()` Returns the default URL to redirect to if access is denied.
`boolean`	`getIgnoreCaseInPath()` Returns true if the case should be ignored when the path info is compared to an access controlled path, false otherwise.
`java.lang.String`	`getProfilePath()` Gets the Nucleus path of the Profile object.
`boolean`	`isEnabled()` Is access control enabled?
`boolean`	`isUseContextPath()` Get property `UseContextPath`
`void`	`removeAccessAllowedListener(AccessAllowedListener pListener)` Removes a listener from the list of "access allowed" listeners.
`void`	`removeAccessDeniedListener(AccessDeniedListener pListener)` Removes a listener from the list of "access denied" listeners.
`void`	`sendAccessAllowedEvent(AccessAllowedEvent pEvent)` Sends an "access allowed" event to all the "access allowed" listeners.
`void`	`sendAccessDeniedEvent(AccessDeniedEvent pEvent)` Sends an "access denied" event to all the "access denied" listeners.
`void`	`service(DynamoHttpServletRequest pRequest, DynamoHttpServletResponse pResponse)` Services a DynamoHttpServletRequest/Response pair.
`void`	`setAccessControllers(ServiceMap pAccessControllers)` Sets the AccessControllers used to control access to paths.
`void`	`setCacheResults(boolean pCacheResults)` Sets whether to cache results when looking up AccessControllers.
`void`	`setDeniedAccessURL(java.lang.String pDeniedAccessURL)` Sets the default URL to redirect to if access is denied.
`void`	`setEnabled(boolean pEnabled)` Sets whether or not access control is enabled.
`void`	`setIgnoreCaseInPath(boolean pIgnoreCaseInPath)` Sets the flag indicating whether case should be ignored when the path info is compared to an access controlled path.
`void`	`setProfilePath(java.lang.String pProfilePath)` Sets the Nucleus path of the Profile object.
`void`	`setUseContextPath(boolean pUseContextPath)` Set property `UseContextPath`

Methods inherited from class atg.servlet.pipeline.PipelineableServletImpl
`createAdminServlet, destroy, getAdminServlet, getNextServlet, getServletConfig, getServletInfo, init, isUsePathInfo, passRequest, passRequest, service, service, setNextServlet, setServletInfo, setUsePathInfo`

Methods inherited from class atg.nucleus.TimedOperationService
`getAverageRequestHandlingTime, getHandledRequestCount, getRequestStartTime, getTotalRequestHandlingTime, isKeepingStatistics, notifyHandledRequest, resetStatistics, setKeepingStatistics`

Methods inherited from class atg.nucleus.GenericService
addLogListener, doStopService, getAbsoluteName, getLoggingForVlogging, getLogListenerCount, getLogListeners, getName, getNameContext, getNucleus, getRoot, getServiceConfiguration, getServiceInfo, isLoggingDebug, isLoggingError, isLoggingInfo, isLoggingTrace, isLoggingWarning, isRunning, logDebug, logDebug, logDebug, logError, logError, logError, logInfo, logInfo, logInfo, logTrace, logTrace, logTrace, logWarning, logWarning, logWarning, nameContextElementBound, nameContextElementUnbound, removeLogListener, resolveName, resolveName, resolveName, resolveName, sendLogEvent, setLoggingDebug, setLoggingError, setLoggingInfo, setLoggingTrace, setLoggingWarning, setNucleus, setServiceInfo, startService, stopService

Methods inherited from class atg.nucleus.GenericService

addLogListener, doStopService, getAbsoluteName, getLoggingForVlogging, getLogListenerCount, getLogListeners, getName, getNameContext, getNucleus, getRoot, getServiceConfiguration, getServiceInfo, isLoggingDebug, isLoggingError, isLoggingInfo, isLoggingTrace, isLoggingWarning, isRunning, logDebug, logDebug, logDebug, logError, logError, logError, logInfo, logInfo, logInfo, logTrace, logTrace, logTrace, logWarning, logWarning, logWarning, nameContextElementBound, nameContextElementUnbound, removeLogListener, resolveName, resolveName, resolveName, resolveName, sendLogEvent, setLoggingDebug, setLoggingError, setLoggingInfo, setLoggingTrace, setLoggingWarning, setNucleus, setServiceInfo, startService, stopService

Methods inherited from class atg.nucleus.logging.VariableArgumentApplicationLoggingImpl
`vlogDebug, vlogDebug, vlogDebug, vlogDebug, vlogError, vlogError, vlogError, vlogError, vlogInfo, vlogInfo, vlogInfo, vlogInfo, vlogTrace, vlogTrace, vlogTrace, vlogTrace, vlogWarning, vlogWarning, vlogWarning, vlogWarning`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

CLASS_VERSION

public static java.lang.String CLASS_VERSION

Class version string

NO_ACCESS_CONTROLLER

public static final java.lang.String NO_ACCESS_CONTROLLER

Indicates the absence of an access controller in the path cache

See Also:: Constant Field Values

Constructor Detail

AccessControlServlet

public AccessControlServlet()

Method Detail

setUseContextPath

public void setUseContextPath(boolean pUseContextPath)

Set property UseContextPath

Parameters:: pUseContextPath - if true, use the request's context path as part of the access control path. Default is true

isUseContextPath

public boolean isUseContextPath()

Get property UseContextPath

Returns:: if true, use the request's context path as part of the access control path. Default is true

isEnabled

public boolean isEnabled()

Is access control enabled?

setEnabled

public void setEnabled(boolean pEnabled)

Sets whether or not access control is enabled.

getCacheResults

public boolean getCacheResults()

Do we cache results when looking up AccessControllers?

setCacheResults

public void setCacheResults(boolean pCacheResults)

Sets whether to cache results when looking up AccessControllers.

getProfilePath

public java.lang.String getProfilePath()

Gets the Nucleus path of the Profile object.

setProfilePath

public void setProfilePath(java.lang.String pProfilePath)

Sets the Nucleus path of the Profile object.

getAccessControllers

public ServiceMap getAccessControllers()

Returns the AccessControllers used to control access to paths. When a path is processed, the list of access controllers will be searched for the longest match between the access controller key and the requested path, and the corresponding controller will be used.

setAccessControllers

public void setAccessControllers(ServiceMap pAccessControllers)

Sets the AccessControllers used to control access to paths. When a path is processed, the list of access controllers will be searched for the longest match between the access controller key and the requested path, and the corresponding controller will be used.

getAccessController

public AccessController getAccessController(java.lang.String pRequestPath)

Returns the AccessController which should be used to perform access control for the given path.

getIgnoreCaseInPath

public boolean getIgnoreCaseInPath()

Returns true if the case should be ignored when the path info is compared to an access controlled path, false otherwise.

setIgnoreCaseInPath

public void setIgnoreCaseInPath(boolean pIgnoreCaseInPath)

Sets the flag indicating whether case should be ignored when the path info is compared to an access controlled path.

addAccessAllowedListener

public void addAccessAllowedListener(AccessAllowedListener pListener)

Adds a listener to the list of "access allowed" listeners.

removeAccessAllowedListener

public void removeAccessAllowedListener(AccessAllowedListener pListener)

Removes a listener from the list of "access allowed" listeners.

getAccessAllowedListeners

public AccessAllowedListener[] getAccessAllowedListeners()

Returns the array of "access allowed" listeners.

getAccessAllowedListenerCount

public int getAccessAllowedListenerCount()

Returns the number of "access allowed" listeners.

sendAccessAllowedEvent

public void sendAccessAllowedEvent(AccessAllowedEvent pEvent)

Sends an "access allowed" event to all the "access allowed" listeners.

addAccessDeniedListener

public void addAccessDeniedListener(AccessDeniedListener pListener)

Adds a listener to the list of "access denied" listeners.

removeAccessDeniedListener

public void removeAccessDeniedListener(AccessDeniedListener pListener)

Removes a listener from the list of "access denied" listeners.

getAccessDeniedListeners

public AccessDeniedListener[] getAccessDeniedListeners()

Returns the array of "access denied" listeners.

getAccessDeniedListenerCount

public int getAccessDeniedListenerCount()

Returns the number of "access denied" listeners.

sendAccessDeniedEvent

public void sendAccessDeniedEvent(AccessDeniedEvent pEvent)

Sends an "access denied" event to all the "access denied" listeners.

getDeniedAccessURL

public java.lang.String getDeniedAccessURL()

Returns the default URL to redirect to if access is denied. If an AccessController does not specify its own deniedAccessURL, this default one is used.

setDeniedAccessURL

public void setDeniedAccessURL(java.lang.String pDeniedAccessURL)

Sets the default URL to redirect to if access is denied. If an AccessController does not specify its own deniedAccessURL, this default one is used.

service

public void service(DynamoHttpServletRequest pRequest,
                    DynamoHttpServletResponse pResponse)
             throws java.io.IOException,
                    javax.servlet.ServletException

Services a DynamoHttpServletRequest/Response pair.

Overrides:: service in class PipelineableServletImpl

Throws:: javax.servlet.ServletException - if an error occurred while processing the servlet request; java.io.IOException - if an error occurred while reading or writing the servlet request

doStartService

public void doStartService()
                    throws ServiceException

Called after the service has been created, placed into the naming hierarchy, and initialized with its configured property values. Makes sure all the required properties have been set in the .properties file.

Overrides:: doStartService in class GenericService

Throws:: ServiceException - if the service had a problem starting up