net.sf.ooweb.http
Class SecurityManager
java.lang.Object
net.sf.ooweb.http.SecurityManager
public class SecurityManager
- extends java.lang.Object
SecurityHandler
- Since:
- 0.7
- Author:
- Darren Davison
Method Summary |
ResponseState |
checkRequest(java.lang.String context,
ObjectAndMethod oam,
java.util.Map<java.lang.String,java.lang.String> cookieMap,
java.util.Map<java.lang.String,java.lang.Object> reqParams,
java.lang.String basicAuthHeader,
java.util.Map session)
handles a request from a security perspective, performing authentication
and authorisation as required |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
PASSWORD_FIELD
public static final java.lang.String PASSWORD_FIELD
- See Also:
- Constant Field Values
USERNAME_FIELD
public static final java.lang.String USERNAME_FIELD
- See Also:
- Constant Field Values
LOGIN_FORM_POST
public static final java.lang.String LOGIN_FORM_POST
- See Also:
- Constant Field Values
USER_SESSION_KEY
public static final java.lang.String USER_SESSION_KEY
- See Also:
- Constant Field Values
LOGIN_REDIRECT_COOKIE_NAME
public static final java.lang.String LOGIN_REDIRECT_COOKIE_NAME
- See Also:
- Constant Field Values
logger
protected final java.util.logging.Logger logger
SecurityManager
public SecurityManager(Registry registry)
- Parameters:
registry
-
checkRequest
public ResponseState checkRequest(java.lang.String context,
ObjectAndMethod oam,
java.util.Map<java.lang.String,java.lang.String> cookieMap,
java.util.Map<java.lang.String,java.lang.Object> reqParams,
java.lang.String basicAuthHeader,
java.util.Map session)
throws NotAuthenticatedException,
NotAuthorisedException
- handles a request from a security perspective, performing authentication
and authorisation as required
- Parameters:
reqParams
- basicAuthHeader
-
- Returns:
- null if the request may proceed unhindered, or a ResponseState
indicating the target (usually a login form)
- Throws:
NotAuthenticatedException
- if the request contains bad credentials
NotAuthorisedException
- if the credentials are good but the user
has no access to the requested resource
Copyright (C) 2005-2007 OOWeb Authors.