Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.jboss.seam.security
Class RuleBasedIdentity

java.lang.Object
  extended by org.jboss.seam.security.Identity
      extended by org.jboss.seam.security.RuleBasedIdentity
All Implemented Interfaces:
Serializable
@Name(value="org.jboss.seam.security.identity")
@Scope(value=SESSION)
@BypassInterceptors
@Install(precedence=10,
         classDependencies="org.drools.WorkingMemory")
@Startup
public class RuleBasedIdentity
extends Identity

Identity implementation that supports permission checking via a Drools rulebase.

Author:
Shane Bryzak
See Also:
Serialized Form

Field Summary
static String RULES_COMPONENT_NAME
           
 
Fields inherited from class org.jboss.seam.security.Identity
EVENT_CREDENTIALS_UPDATED, EVENT_LOGGED_OUT, EVENT_LOGIN_FAILED, EVENT_LOGIN_SUCCESSFUL, EVENT_NOT_AUTHORIZED, EVENT_NOT_LOGGED_IN, EVENT_POST_AUTHENTICATE, EVENT_PRE_AUTHENTICATE, EVENT_REMEMBER_ME, ROLES_GROUP, securityEnabled
 
Constructor Summary
RuleBasedIdentity()
           
 
Method Summary
 boolean addRole(String role)
          Adds a role to the user's subject, and their security context
 void create()
           
 org.drools.StatefulSession getSecurityContext()
           
 org.drools.RuleBase getSecurityRules()
           
 boolean hasPermission(String name, String action, Object... arg)
          Performs a permission check for the specified name and action
 boolean hasRole(String role)
          Overridden version of hasRole() that checks for the existence of the role in the security context first.
protected  void initSecurityContext()
           
 void logout()
           
protected  void postAuthenticate()
           
 void removeRole(String role)
          Removes a role from the user's subject and their security context
 void setSecurityContext(org.drools.StatefulSession securityContext)
           
 void setSecurityRules(org.drools.RuleBase securityRules)
           
protected  void unAuthenticate()
          Removes all Role objects from the security context, removes the "Roles" group from the user's subject.
 
Methods inherited from class org.jboss.seam.security.Identity
authenticate, authenticate, checkEntityPermission, checkPermission, checkRestriction, checkRole, evaluateExpression, getAuthenticateMethod, getDefaultCallbackHandler, getJaasConfigName, getLoginContext, getPassword, getPrincipal, getSubject, getUsername, instance, isCredentialsSet, isLoggedIn, isLoggedIn, isRememberMe, isSecurityEnabled, login, preAuthenticate, quietLogin, setAuthenticateMethod, setJaasConfigName, setPassword, setRememberMe, setSecurityEnabled, setUsername
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

RULES_COMPONENT_NAME

public static final String RULES_COMPONENT_NAME
See Also:
Constant Field Values
Constructor Detail

RuleBasedIdentity

public RuleBasedIdentity()
Method Detail

create

public void create()
Overrides:
create in class Identity

initSecurityContext

protected void initSecurityContext()

postAuthenticate

protected void postAuthenticate()
Overrides:
postAuthenticate in class Identity

hasPermission

public boolean hasPermission(String name,
                             String action,
                             Object... arg)
Performs a permission check for the specified name and action

Overrides:
hasPermission in class Identity
Parameters:
name - String The permission name
action - String The permission action
arg - Object Optional object parameter used to make a permission decision
Returns:
boolean True if the user has the specified permission

hasRole

public boolean hasRole(String role)
Overridden version of hasRole() that checks for the existence of the role in the security context first. If it is not found there, then the super method is invoked instead.

Overrides:
hasRole in class Identity
Parameters:
role - String The name of the role to check
Returns:
boolean True if the user is a member of the specified role

unAuthenticate

protected void unAuthenticate()
Description copied from class: Identity
Removes all Role objects from the security context, removes the "Roles" group from the user's subject.

Overrides:
unAuthenticate in class Identity

addRole

public boolean addRole(String role)
Description copied from class: Identity
Adds a role to the user's subject, and their security context

Overrides:
addRole in class Identity
Parameters:
role - The name of the role to add

removeRole

public void removeRole(String role)
Description copied from class: Identity
Removes a role from the user's subject and their security context

Overrides:
removeRole in class Identity
Parameters:
role - The name of the role to remove

getSecurityContext

public org.drools.StatefulSession getSecurityContext()

setSecurityContext

public void setSecurityContext(org.drools.StatefulSession securityContext)

getSecurityRules

public org.drools.RuleBase getSecurityRules()

setSecurityRules

public void setSecurityRules(org.drools.RuleBase securityRules)

logout

public void logout()
Overrides:
logout in class Identity
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD