org.jboss.seam.security
Class RuleBasedIdentity
java.lang.Object
org.jboss.seam.core.AbstractMutable
org.jboss.seam.faces.Selector
org.jboss.seam.security.Identity
org.jboss.seam.security.RuleBasedIdentity
- All Implemented Interfaces:
- Serializable, Mutable
@Name(value="org.jboss.seam.security.identity")
@Scope(value=SESSION)
@BypassInterceptors
@Install(precedence=10,
classDependencies="org.drools.WorkingMemory")
@Startup
public class RuleBasedIdentity
- extends Identity
Identity implementation that supports permission
checking via a Drools rulebase.
- Author:
- Shane Bryzak
- See Also:
- Serialized Form
Methods inherited from class org.jboss.seam.security.Identity |
addLoginFailedMessage, addLoginSuccessfulMessage, authenticate, authenticate, beginRequest, checkEntityPermission, checkPermission, checkRestriction, checkRole, endRequest, evaluateExpression, getAuthenticateEveryRequest, getAuthenticateMethod, getCookieName, getDefaultCallbackHandler, getJaasConfigName, getLoginContext, getLoginFailedMessage, getLoginFailedMessageKey, getLoginFailedMessageSeverity, getLoginSuccessfulMessage, getLoginSuccessfulMessageKey, getLoginSuccessfulMessageSeverity, getPassword, getPrincipal, getSubject, getUsername, initCredentialsFromCookie, instance, isCredentialsSet, isLoggedIn, isLoggedIn, isRememberMe, isSecurityEnabled, login, logout, postRememberMe, preAuthenticate, quietLogin, setAuthenticateEveryRequest, setAuthenticateMethod, setJaasConfigName, setPassword, setRememberMe, setSecurityEnabled, setUsername |
Methods inherited from class org.jboss.seam.faces.Selector |
clearCookieValue, getCookie, getCookieMaxAge, getCookiePath, getCookieValue, getCookieValueIfEnabled, isCookieEnabled, setCookieEnabled, setCookieMaxAge, setCookiePath, setCookieValueIfEnabled |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
RULES_COMPONENT_NAME
public static final String RULES_COMPONENT_NAME
- See Also:
- Constant Field Values
RuleBasedIdentity
public RuleBasedIdentity()
create
public void create()
- Overrides:
create
in class Identity
initSecurityContext
protected void initSecurityContext()
postAuthenticate
protected void postAuthenticate()
- Overrides:
postAuthenticate
in class Identity
hasPermission
public boolean hasPermission(String name,
String action,
Object... arg)
- Performs a permission check for the specified name and action
- Overrides:
hasPermission
in class Identity
- Parameters:
name
- String The permission nameaction
- String The permission actionarg
- Object Optional object parameter used to make a permission decision
- Returns:
- boolean True if the user has the specified permission
hasRole
public boolean hasRole(String role)
- Overridden version of hasRole() that checks for the existence of the role
in the security context first. If it is not found there, then the super
method is invoked instead.
- Overrides:
hasRole
in class Identity
- Parameters:
role
- String The name of the role to check
- Returns:
- boolean True if the user is a member of the specified role
unAuthenticate
protected void unAuthenticate()
- Description copied from class:
Identity
- Removes all Role objects from the security context, removes the "Roles"
group from the user's subject.
- Overrides:
unAuthenticate
in class Identity
addRole
public boolean addRole(String role)
- Description copied from class:
Identity
- Adds a role to the user's subject, and their security context
- Overrides:
addRole
in class Identity
- Parameters:
role
- The name of the role to add
removeRole
public void removeRole(String role)
- Description copied from class:
Identity
- Removes a role from the user's subject and their security context
- Overrides:
removeRole
in class Identity
- Parameters:
role
- The name of the role to remove
getSecurityContext
public org.drools.StatefulSession getSecurityContext()
setSecurityContext
public void setSecurityContext(org.drools.StatefulSession securityContext)
getSecurityRules
public org.drools.RuleBase getSecurityRules()
setSecurityRules
public void setSecurityRules(org.drools.RuleBase securityRules)