org.wicketstuff.security.swarm.strategies

Class SwarmStrategy

java.lang.Object

org.wicketstuff.security.strategies.WaspAuthorizationStrategy

org.wicketstuff.security.strategies.ClassAuthorizationStrategy

org.wicketstuff.security.swarm.strategies.AbstractSwarmStrategy

org.wicketstuff.security.swarm.strategies.SwarmStrategy

All Implemented Interfaces:

Serializable, org.apache.wicket.authorization.IAuthorizationStrategy

public class SwarmStrategy
extends AbstractSwarmStrategy

Implementation of a ClassAuthorizationStrategy. It allows for both simple logins as well as multi level logins.

Author:

marrink

See Also:

Serialized Form

Nested Class Summary

Nested classes/interfaces inherited from interface org.apache.wicket.authorization.IAuthorizationStrategy

org.apache.wicket.authorization.IAuthorizationStrategy.AllowAllAuthorizationStrategy

Field Summary

Fields inherited from class org.wicketstuff.security.swarm.strategies.AbstractSwarmStrategy

loginContainer

Fields inherited from class org.wicketstuff.security.strategies.WaspAuthorizationStrategy

MESSAGE_KEY

Fields inherited from interface org.apache.wicket.authorization.IAuthorizationStrategy

ALLOW_ALL

Constructor Summary

Constructors

Constructor and Description
SwarmStrategy(Class<? extends ISecureComponent> secureClass, Object hiveQueen) Constructs a new strategy linked to the specified hive.
SwarmStrategy(Object hiveQueen) Constructs a new strategy linked to the specified hive.

Method Summary

Methods

Modifier and Type	Method and Description
protected Hive	getHive() Returns the hive.
protected LoginContainer	getLoginContainer() The LoginContainer keeps track of all Subjects for this session..
boolean	hasPermission(Permission permission, Subject subject) Performs the actual permission check at the Hive.
boolean	isResourceAuthorized(org.apache.wicket.request.resource.IResource resource, org.apache.wicket.request.mapper.parameter.PageParameters parameters)
boolean	isUserAuthenticated() Checks if there is a user logged in at all.
void	login(Object context) Logs a user in.
boolean	logoff(Object context) Loggs a user off.
protected void	logPermissionDenied(Permission permission, Subject subject) Logs (if logging is enabled) which permission was denied for a subject.

Methods inherited from class org.wicketstuff.security.swarm.strategies.AbstractSwarmStrategy

getSubject, hasPermission, isClassAuthenticated, isClassAuthorized, isComponentAuthenticated, isComponentAuthorized, isModelAuthenticated, isModelAuthorized

Methods inherited from class org.wicketstuff.security.strategies.ClassAuthorizationStrategy

destroy, getClassChecks, getClassChecks, getExceptionMessage, isInstantiationAuthorized

Methods inherited from class org.wicketstuff.security.strategies.WaspAuthorizationStrategy

createMessageSource, get, getActionFactory, getMessageSource, getMessageSource, getSecurityCheck, isActionAuthorized, logMessage, logMessage, logMessage, logMessages, removeMessageSource, setStrategyResolver

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SwarmStrategy

public SwarmStrategy(Object hiveQueen)

Constructs a new strategy linked to the specified hive.

Parameters:

hiveQueen - A key to retrieve the Hive

SwarmStrategy

public SwarmStrategy(Class<? extends ISecureComponent> secureClass,
             Object hiveQueen)

Constructs a new strategy linked to the specified hive.

Parameters:

secureClass - instances of this class will be required to have access authorization.

hiveQueen - A key to retrieve the Hive

Method Detail

getHive

protected final Hive getHive()

Returns the hive.

Returns:

the hive.

Throws:

SecurityException - if no hive is registered.

hasPermission

public boolean hasPermission(Permission permission,
                    Subject subject)

Performs the actual permission check at the Hive.

Specified by:

hasPermission in class AbstractSwarmStrategy

Parameters:

permission - the permission to verify

subject - optional subject to test against the permission

Returns:

true if the subject has or implies the permission, false otherwise

Throws:

SecurityException - if the permission is null

logPermissionDenied

protected void logPermissionDenied(Permission permission,
                       Subject subject)

Logs (if logging is enabled) which permission was denied for a subject. This method does not log directly but prepares an IAuthorizationMessageSource for later retrieval. The following variables are stored: "permission","actions", "subject" and "principals" where principals is a collection of principals that contain the permission and actions is a String representing all the WaspActions required. Note that the subject variable might be null.

Parameters:

permission - permission that was denied.

subject - optional subject

See Also:

WaspAuthorizationStrategy.logMessages(), WaspAuthorizationStrategy.getMessageSource()

login

public void login(Object context)
           throws LoginException

Logs a user in. Note that the context must be an instance of LoginContext.

Specified by:

login in class WaspAuthorizationStrategy

Parameters:

context - a not further specified object that provides all the information to log the user on

Throws:

LoginException - if the login is unsuccessful

See Also:

WaspAuthorizationStrategy.login(java.lang.Object)

logoff

public boolean logoff(Object context)

Loggs a user off. Note that the context must be an instance of LoginContext and must be the same (or equal) to the logincontext used to log in.

Specified by:

logoff in class WaspAuthorizationStrategy

Parameters:

context - a not further specified object, might be null

Returns:

true if the logoff was successful, false otherwise

See Also:

WaspAuthorizationStrategy.logoff(Object)

getLoginContainer

protected final LoginContainer getLoginContainer()

The LoginContainer keeps track of all Subjects for this session..

Returns:

loginContainer

isUserAuthenticated

public boolean isUserAuthenticated()

Description copied from class: WaspAuthorizationStrategy

Checks if there is a user logged in at all. This will return true after a successful WaspAuthorizationStrategy.login(Object) and false after a successful WaspAuthorizationStrategy.logoff(Object). Note that in a multi-login scenario this method returns true until all successful logins are countered with a successful logoff.

Specified by:

isUserAuthenticated in class WaspAuthorizationStrategy

Returns:

true while a user is logged in, false otherwise

See Also:

WaspAuthorizationStrategy.isUserAuthenticated()

isResourceAuthorized

public boolean isResourceAuthorized(org.apache.wicket.request.resource.IResource resource,
                           org.apache.wicket.request.mapper.parameter.PageParameters parameters)