Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

atg.security
Class RegisteredUsersSecurityPolicy

java.lang.Object
  extended by atg.nucleus.logging.VariableArgumentApplicationLoggingImpl
      extended by atg.nucleus.GenericService
          extended by atg.security.StandardSecurityPolicy
              extended by atg.security.RegisteredUsersSecurityPolicy
All Implemented Interfaces:
atg.naming.AbsoluteNameable, NameContextBindingListener, NameContextElement, atg.naming.NameContextParentable, NameResolver, AdminableService, atg.nucleus.Configured, ApplicationLogging, atg.nucleus.logging.ApplicationLoggingSender, atg.nucleus.logging.TraceApplicationLogging, VariableArgumentApplicationLogging, ComponentNameResolver, Service, ServiceListener, SecurityPolicy, java.util.EventListener
public class RegisteredUsersSecurityPolicy
extends StandardSecurityPolicy

A security policy that allows full access to registered users and denies access to anonymous users. An ACL can be supplied to deny rights to users. This is a useful policy if you just want an "are you logged in" access check.

Field Summary
static java.lang.String CLASS_VERSION
          Class version string
 
Fields inherited from class atg.nucleus.GenericService
SERVICE_INFO_KEY
 
Fields inherited from interface atg.security.SecurityPolicy
DENIED, GRANTED, UNSPECIFIED
 
Fields inherited from interface atg.nucleus.logging.TraceApplicationLogging
DEFAULT_LOG_TRACE_STATUS
 
Fields inherited from interface atg.nucleus.logging.ApplicationLogging
DEFAULT_LOG_DEBUG_STATUS, DEFAULT_LOG_ERROR_STATUS, DEFAULT_LOG_INFO_STATUS, DEFAULT_LOG_WARNING_STATUS
 
Constructor Summary
RegisteredUsersSecurityPolicy()
           
 
Method Summary
protected  User getCurrentUser()
          Calculates the current users.
 UserAuthority getUserAuthority()
          Returns the user authority for identities that are valid for registered users.
 boolean hasAccess(java.lang.Object pObject, User pUser, AccessRight pRight)
          Returns true if a user may perform a particular operation on an object.
protected  boolean isRegisteredUser(User pUser)
          Checks to see if the indicated user is a registered (logged-in) user.
 void setUserAuthority(UserAuthority pAuthority)
          Changes the user authority for identities that are valid for registered users.
 
Methods inherited from class atg.security.StandardSecurityPolicy
checkAccess, getAccess, getCompatiblePersona, getCompatiblePersonae, getCompleteAccessControlList, getCreationAccessControlList, getCreationAccessControlList, getCreationOwner, getCreationOwnerAccessControlList, getCreationSubPersonaeAccessControlList, getEffectiveAccessControlList, getImpliedAccessControlList, getUserPersonae
 
Methods inherited from class atg.nucleus.GenericService
addLogListener, createAdminServlet, doStartService, doStopService, getAbsoluteName, getAdminServlet, getAdminServletOutputStreamEncoding, getLoggingForVlogging, getLogListenerCount, getLogListeners, getName, getNameContext, getNucleus, getRoot, getServiceConfiguration, getServiceInfo, isAdminServletUseServletOutputStream, isLoggingDebug, isLoggingError, isLoggingInfo, isLoggingTrace, isLoggingWarning, isRunning, logDebug, logDebug, logDebug, logError, logError, logError, logInfo, logInfo, logInfo, logTrace, logTrace, logTrace, logWarning, logWarning, logWarning, nameContextElementBound, nameContextElementUnbound, removeLogListener, reResolveThis, resolveName, resolveName, resolveName, resolveName, sendLogEvent, setAdminServletOutputStreamEncoding, setAdminServletUseServletOutputStream, setLoggingDebug, setLoggingError, setLoggingInfo, setLoggingTrace, setLoggingWarning, setNucleus, setServiceInfo, startService, stopService
 
Methods inherited from class atg.nucleus.logging.VariableArgumentApplicationLoggingImpl
vlogDebug, vlogDebug, vlogDebug, vlogDebug, vlogDebugTrace, vlogError, vlogError, vlogError, vlogError, vlogInfo, vlogInfo, vlogInfo, vlogInfo, vlogTrace, vlogTrace, vlogTrace, vlogTrace, vlogWarning, vlogWarning, vlogWarning, vlogWarning
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

CLASS_VERSION

public static java.lang.String CLASS_VERSION
Class version string

Constructor Detail

RegisteredUsersSecurityPolicy

public RegisteredUsersSecurityPolicy()
Method Detail

getUserAuthority

public UserAuthority getUserAuthority()
Returns the user authority for identities that are valid for registered users.

setUserAuthority

public void setUserAuthority(UserAuthority pAuthority)
Changes the user authority for identities that are valid for registered users.

getCurrentUser

protected User getCurrentUser()
Calculates the current users. This implementation just calls through to ThreadSecurityManager.currentUser().

Overrides:
getCurrentUser in class StandardSecurityPolicy

isRegisteredUser

protected boolean isRegisteredUser(User pUser)
Checks to see if the indicated user is a registered (logged-in) user. If no user is specified, the current user (as determined by the getCurrentUser() method) is used.

hasAccess

public boolean hasAccess(java.lang.Object pObject,
                         User pUser,
                         AccessRight pRight)
                  throws SecurityException
Returns true if a user may perform a particular operation on an object.

Specified by:
hasAccess in interface SecurityPolicy
Overrides:
hasAccess in class StandardSecurityPolicy
Throws:
SecurityException
See Also:
StandardSecurityPolicy.getCurrentUser()
Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD