org.apache.jetspeed.security.impl
Class SecurityAccessControllerImpl

java.lang.Object
  extended by org.apache.jetspeed.security.impl.SecurityAccessControllerImpl
All Implemented Interfaces:
SecurityAccessController

public class SecurityAccessControllerImpl
extends java.lang.Object
implements SecurityAccessController

SecurityAccessorImpl implements SecurityAccessor component abstracting access to either Security Permission or Security Constraint implementations

Version:
$Id: $
Author:
David Sean Taylor

Field Summary
protected  PageManager pageManager
           
protected  int securityMode
           
 
Fields inherited from interface org.apache.jetspeed.security.SecurityAccessController
CONSTRAINTS, PERMISSIONS
 
Constructor Summary
SecurityAccessControllerImpl(PageManager pageManager, int securityMode)
           
 
Method Summary
 boolean checkPortletAccess(PortletDefinitionComposite portlet, int mask)
           Checks access for the implicit active subject's access to the resource protected by the portlet permission This is an abstraction introduced in 2.1 for Permission Manager implementations NOT founded upon the a Java security policy.
 int getSecurityMode()
          Returns the configured security mode for this accessor This component can be configured to make Java Security Policy permission checks or Jetspeed Security Constraint checks
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

pageManager

protected PageManager pageManager

securityMode

protected int securityMode
Constructor Detail

SecurityAccessControllerImpl

public SecurityAccessControllerImpl(PageManager pageManager,
                                    int securityMode)
Method Detail

getSecurityMode

public int getSecurityMode()
Description copied from interface: SecurityAccessController
Returns the configured security mode for this accessor This component can be configured to make Java Security Policy permission checks or Jetspeed Security Constraint checks

Specified by:
getSecurityMode in interface SecurityAccessController
Returns:
either PERMISSIONS or CONSTRAINTS

checkPortletAccess

public boolean checkPortletAccess(PortletDefinitionComposite portlet,
                                  int mask)
Description copied from interface: SecurityAccessController

Checks access for the implicit active subject's access to the resource protected by the portlet permission This is an abstraction introduced in 2.1 for Permission Manager implementations NOT founded upon the a Java security policy. If the Permission Manager is configured to run with Security Constraints, then a security constraint check is made. Otherwise, a standard Java Security permission check is made.

Specified by:
checkPortletAccess in interface SecurityAccessController
Parameters:
portlet - The portlet to be checked
mask - A mask JetspeedActions such as view, edit
Returns:
true if access is granted, false if access denied based on policy or constraints


Copyright © 1999-2009 Apache Software Foundation. All Rights Reserved.