SecurityManager (OOWeb 0.8.0 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

net.sf.ooweb.http
Class SecurityManager

java.lang.Object
  net.sf.ooweb.http.SecurityManager

public class SecurityManager
extends java.lang.Object
extends java.lang.Object

SecurityHandler

Since:: 0.7
Author:: Darren Davison

Field Summary
`protected java.util.logging.Logger`	`logger`
`static java.lang.String`	`LOGIN_FORM_POST`
`static java.lang.String`	`LOGIN_REDIRECT_COOKIE_NAME`
`static java.lang.String`	`PASSWORD_FIELD`
`static java.lang.String`	`USER_SESSION_KEY`
`static java.lang.String`	`USERNAME_FIELD`

Constructor Summary
`SecurityManager(Registry registry)`

Method Summary
`ResponseState`	`checkRequest(java.lang.String context, ObjectAndMethod oam, java.util.Map<java.lang.String,java.lang.String> cookieMap, java.util.Map<java.lang.String,java.lang.Object> reqParams, java.lang.String basicAuthHeader, java.util.Map session)` handles a request from a security perspective, performing authentication and authorisation as required

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

PASSWORD_FIELD

public static final java.lang.String PASSWORD_FIELD

See Also:: Constant Field Values

USERNAME_FIELD

public static final java.lang.String USERNAME_FIELD

See Also:: Constant Field Values

LOGIN_FORM_POST

public static final java.lang.String LOGIN_FORM_POST

See Also:: Constant Field Values

USER_SESSION_KEY

public static final java.lang.String USER_SESSION_KEY

See Also:: Constant Field Values

LOGIN_REDIRECT_COOKIE_NAME

public static final java.lang.String LOGIN_REDIRECT_COOKIE_NAME

See Also:: Constant Field Values

logger

protected final java.util.logging.Logger logger

Constructor Detail

SecurityManager

public SecurityManager(Registry registry)

Parameters:: registry -

Method Detail

checkRequest

public ResponseState checkRequest(java.lang.String context,
                                  ObjectAndMethod oam,
                                  java.util.Map<java.lang.String,java.lang.String> cookieMap,
                                  java.util.Map<java.lang.String,java.lang.Object> reqParams,
                                  java.lang.String basicAuthHeader,
                                  java.util.Map session)
                           throws NotAuthenticatedException,
                                  NotAuthorisedException

handles a request from a security perspective, performing authentication and authorisation as required

Parameters:: reqParams -; basicAuthHeader -
Returns:: null if the request may proceed unhindered, or a ResponseState indicating the target (usually a login form)
Throws:: NotAuthenticatedException - if the request contains bad credentials; NotAuthorisedException - if the credentials are good but the user has no access to the requested resource