Extending the Standard Security Policy

You can extend the StandardSecurityPolicy to make the policy more flexible or tighter, depending on the needs of your application.

In the following example, access is denied if the access control list is null (unspecified):

public class DefaultDenySecurityPolicy
     extends StandardSecurityPolicy
{
  public int getAccess(AccessControlList pAcl,
                       Object pObject,
                       Persona pPersona,
                       AccessRight pRight,
                       boolean pExactPersona)
  {
    if (pAcl == null)
      return DENIED;
    else
      return super.getAccess(pAcl, pObject, pPersona, pRight, pExactPersona);
  }
}

In the following example, access is denied except during the hours of 9:00 to 5:00 in the default (local) time zone:

public class DenyOutsideBusinessHoursSecurityPolicy
     extends StandardSecurityPolicy
{
  public int getAccess(AccessControlList pAcl,
                       Object pObject,
                       Persona pPersona,
                       AccessRight pRight,
                       boolean pExactPersona)
  {
    Calendar calender = new GregorianCalendar(new Date());
    int hourOfDay = calendar.get(Calendar.HOUR_OF_DAY);
    if ((hourOfDay < 9) || (hourOfDay > 5))
      return DENIED;
    else
      return super.getAccess(pAcl, pObject, pPersona, pRight, pExactPersona);
  }
}

Copyright © 1997, 2015 Oracle and/or its affiliates. All rights reserved. Legal Notices