RuleAccessController (ATG Java API)

java.lang.Object
- atg.nucleus.logging.VariableArgumentApplicationLoggingImpl
- - atg.nucleus.GenericService
  - - atg.userprofiling.RuleAccessController

All Implemented Interfaces:

atg.core.logging.Logging, atg.core.logging.TraceLogging, atg.naming.AbsoluteNameable, NameContextBindingListener, NameContextElement, atg.naming.NameContextParentable, NameResolver, AdminableService, atg.nucleus.Configured, ApplicationLogging, atg.nucleus.logging.ApplicationLoggingSender, atg.nucleus.logging.TraceApplicationLogging, VariableArgumentApplicationLogging, ComponentNameResolver, Service, ServiceListener, AccessController, atg.userprofiling.ConfigurableAccessController, java.util.EventListener
```
public class RuleAccessController
extends GenericService
implements atg.userprofiling.ConfigurableAccessController
```
This implementation of AccessController performs access control based on an arbitrary set of rules, specified via the service's ruleSetService property, which defines the rules. For example, if there is a RuleSetService named PreferredMembersRuleSetService, configured with the following rule set:
<ruleset>
<accepts>
<rule op=eq>
<valueof target="GoldAccounts">
<valueof constant="true">
</rule>
<rule op=gt>
<valueof target="numLogins">
<valueof constant="20">
</rule>
</accepts>
</ruleset>

and the ruleSetService property points to PreferredMembersRuleSetService, then the user will be allowed access only if their GoldAccounts property is, true, or if they have logged in more than 20 times. Note that when the rules are evaluated, the user's Profile object is used to resolve the target expressions. Note also that the rules should evaluate to a boolean.
The optional sourceMap property, if provided, is used to resolve any bean expressions in the access control rules. If no such expressions occur in the rules, this property can be left null.

See Also:
AccessControlServlet, RuleSetService, RuleNode

Field Summary

Fields
Modifier and Type Field and Description

static java.lang.String CLASS_VERSION
Class version string
- Fields inherited from class atg.nucleus.GenericService
  SERVICE_INFO_KEY
- Fields inherited from interface atg.nucleus.logging.TraceApplicationLogging
  DEFAULT_LOG_TRACE_STATUS
- Fields inherited from interface atg.nucleus.logging.ApplicationLogging
  DEFAULT_LOG_DEBUG_STATUS, DEFAULT_LOG_ERROR_STATUS, DEFAULT_LOG_INFO_STATUS, DEFAULT_LOG_WARNING_STATUS

Fields
Modifier and Type	Field and Description
`static java.lang.String`	`CLASS_VERSION` Class version string

Constructor Summary

Constructors
Constructor and Description

RuleAccessController()

Constructors
Constructor and Description
`RuleAccessController()`

Method Summary

Methods
Modifier and Type	Method and Description
`boolean`	`allowAccess(Profile pProfile, DynamoHttpServletRequest pRequest)` Returns true if a user (represented by the specified Profile) should be allowed access, false if not.
`void`	`doStartService()` Called after the service has been created, placed into the naming hierarchy, and initialized with its configured property values.
`java.lang.String`	`getDeniedAccessURL()` Returns the URL to go to when access is denied.
`java.lang.String`	`getDeniedAccessURL(Profile pProfile)` Returns a URL the user should be redirected to if allowAccess returns false.
`protected NameResolver`	`getNameResolver(DynamoHttpServletRequest pRequest)` Returns a NameResolver which can be used to resolve names of components in the access control rules.
`atg.targeting.RuleSetService`	`getRuleSetService()` Returns the RuleSetService containing access control rules.
`TargetingSourceMap`	`getSourceMap()` Returns the TargetingSourceMap used to resolve component names in rules.
`boolean`	`isDenyAnonymousUsers()` Gets the denyAnonymousUsers property
`boolean`	`isEnabled()` Is access control enabled?
`void`	`setDeniedAccessURL(java.lang.String pDeniedAccessURL)` Sets the URL to go to when access is denied.
`void`	`setDenyAnonymousUsers(boolean pDenyAnonymousUsers)` Sets the denyAnonymousUsers property
`void`	`setEnabled(boolean pEnabled)` Sets whether or not access control is enabled.
`void`	`setRuleSetService(atg.targeting.RuleSetService pRuleSetService)` Sets the RuleSetService containing access control rules.
`void`	`setSourceMap(TargetingSourceMap pSourceMap)` Sets the TargetingSourceMap used to resolve component names in rules.

Methods inherited from class atg.nucleus.GenericService
addLogListener, createAdminServlet, doStopService, getAbsoluteName, getAdminServlet, getAdminServletOutputStreamEncoding, getLoggingForVlogging, getLogListenerCount, getLogListeners, getName, getNameContext, getNucleus, getRoot, getServiceConfiguration, getServiceInfo, isAdminServletUseServletOutputStream, isLoggingDebug, isLoggingError, isLoggingInfo, isLoggingTrace, isLoggingWarning, isRunning, logDebug, logDebug, logDebug, logError, logError, logError, logInfo, logInfo, logInfo, logTrace, logTrace, logTrace, logWarning, logWarning, logWarning, nameContextElementBound, nameContextElementUnbound, removeLogListener, reResolveThis, resolveName, resolveName, resolveName, resolveName, sendLogEvent, setAdminServletOutputStreamEncoding, setAdminServletUseServletOutputStream, setLoggingDebug, setLoggingError, setLoggingInfo, setLoggingTrace, setLoggingWarning, setNucleus, setServiceInfo, startService, stopService

Methods inherited from class atg.nucleus.logging.VariableArgumentApplicationLoggingImpl
vlogDebug, vlogDebug, vlogDebug, vlogDebug, vlogDebugTrace, vlogError, vlogError, vlogError, vlogError, vlogInfo, vlogInfo, vlogInfo, vlogInfo, vlogTrace, vlogTrace, vlogTrace, vlogTrace, vlogWarning, vlogWarning, vlogWarning, vlogWarning

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - CLASS_VERSION
```
public static java.lang.String CLASS_VERSION
```
    Class version string
- Constructor Detail
  - RuleAccessController
```
public RuleAccessController()
```
- Method Detail
  - isEnabled
```
public boolean isEnabled()
```
    Is access control enabled?
    
    Specified by:
    
    isEnabled in interface atg.userprofiling.ConfigurableAccessController
  - setEnabled
```
public void setEnabled(boolean pEnabled)
```
    Sets whether or not access control is enabled.
  - getRuleSetService
```
public atg.targeting.RuleSetService getRuleSetService()
```
    Returns the RuleSetService containing access control rules.
  - setRuleSetService
```
public void setRuleSetService(atg.targeting.RuleSetService pRuleSetService)
```
    Sets the RuleSetService containing access control rules.
  - getSourceMap
```
public TargetingSourceMap getSourceMap()
```
    Returns the TargetingSourceMap used to resolve component names in rules.
  - setSourceMap
```
public void setSourceMap(TargetingSourceMap pSourceMap)
```
    Sets the TargetingSourceMap used to resolve component names in rules.
  - getDeniedAccessURL
```
public java.lang.String getDeniedAccessURL()
```
    Returns the URL to go to when access is denied. The URL can be either relative or absolute.
  - setDeniedAccessURL
```
public void setDeniedAccessURL(java.lang.String pDeniedAccessURL)
```
    Sets the URL to go to when access is denied. The URL can be either relative or absolute.
  - setDenyAnonymousUsers
```
public void setDenyAnonymousUsers(boolean pDenyAnonymousUsers)
```
    Sets the denyAnonymousUsers property
    
    Parameters:
    pDenyAnonymousUsers - if true, then anonymous users are automatically denied access
  - isDenyAnonymousUsers
```
public boolean isDenyAnonymousUsers()
```
    Gets the denyAnonymousUsers property
    
    Returns:
    whether anonymous users are automatically denied access
  - allowAccess
```
public boolean allowAccess(Profile pProfile,
                  DynamoHttpServletRequest pRequest)
```
    Returns true if a user (represented by the specified Profile) should be allowed access, false if not.
    
    Specified by:
    
    allowAccess in interface AccessController
  - getNameResolver
```
protected NameResolver getNameResolver(DynamoHttpServletRequest pRequest)
```
    Returns a NameResolver which can be used to resolve names of components in the access control rules. If the sourceMap property is not null, its global name resolver is returned. Otherwise, returns null.
  - getDeniedAccessURL
```
public java.lang.String getDeniedAccessURL(Profile pProfile)
```
    Returns a URL the user should be redirected to if allowAccess returns false.
    
    Specified by:
    
    getDeniedAccessURL in interface AccessController
  - doStartService
```
public void doStartService()
                    throws ServiceException
```
    Called after the service has been created, placed into the naming hierarchy, and initialized with its configured property values. Makes sure all the required properties have been set in the .properties file.
    
    Overrides:
    
    doStartService in class GenericService
    
    Throws:
    
    ServiceException - if the service had a problem starting up

Class RuleAccessController

Field Summary

Fields inherited from class atg.nucleus.GenericService

Fields inherited from interface atg.nucleus.logging.TraceApplicationLogging

Fields inherited from interface atg.nucleus.logging.ApplicationLogging

Constructor Summary

Method Summary

Methods inherited from class atg.nucleus.GenericService

Methods inherited from class atg.nucleus.logging.VariableArgumentApplicationLoggingImpl

Methods inherited from class java.lang.Object

Field Detail

CLASS_VERSION

Constructor Detail

RuleAccessController

Method Detail

isEnabled

setEnabled

getRuleSetService

setRuleSetService

getSourceMap

setSourceMap

getDeniedAccessURL

setDeniedAccessURL

setDenyAnonymousUsers

isDenyAnonymousUsers

allowAccess

getNameResolver

getDeniedAccessURL

doStartService