|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.apache.struts.chain.commands.ActionCommandBase org.apache.struts.chain.commands.AbstractAuthorizeAction
public abstract class AbstractAuthorizeAction
Determine whether the requested action is authorized for the current user. If not, abort chain processing and perferably, return an error message of some kind.
Field Summary |
---|
Fields inherited from interface org.apache.commons.chain.Command |
---|
CONTINUE_PROCESSING, PROCESSING_COMPLETE |
Constructor Summary | |
---|---|
AbstractAuthorizeAction()
|
Method Summary | |
---|---|
boolean |
execute(ActionContext actionCtx)
Determine whether the requested action is authorized for the current user. |
protected abstract String |
getErrorMessage(ActionContext context,
ActionConfig actionConfig)
Retrieve error message from context. |
protected boolean |
isAuthorizationRequired(ActionConfig actionConfig)
Must authorization rules be consulted? The base implementation returns true if the given ActionConfig has
one or more roles defined. |
protected abstract boolean |
isAuthorized(ActionContext context,
String[] roles,
ActionConfig actionConfig)
Determine if the action is authorized for the given roles. |
Methods inherited from class org.apache.struts.chain.commands.ActionCommandBase |
---|
execute |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public AbstractAuthorizeAction()
Method Detail |
---|
public boolean execute(ActionContext actionCtx) throws Exception
Determine whether the requested action is authorized for the current user. If not, abort chain processing and perferably, return an error message of some kind.
execute
in interface ActionCommand
execute
in class ActionCommandBase
actionCtx
- The Context
for the current request
false
if the user is authorized for the selected
action, else true
to abort processing.
UnauthorizedActionException
- if authorization fails
or if an error is encountered in the course of performing the authorization.
Exception
- On any errorprotected boolean isAuthorizationRequired(ActionConfig actionConfig)
Must authorization rules be consulted? The base implementation
returns true
if the given ActionConfig
has
one or more roles defined.
actionConfig
- the current ActionConfig object
isAuthorized
method should be
consulted.protected abstract boolean isAuthorized(ActionContext context, String[] roles, ActionConfig actionConfig) throws Exception
Determine if the action is authorized for the given roles.
context
- The Context
for the current requestroles
- An array of valid roles for this requestactionConfig
- The current action mapping
true
if the request is authorized, else
false
UnauthorizedActionException
- If the logic determines that the request is not authorized
but does not wish to rely upon the default mechanism reporting the error.
Exception
- If the action cannot be tested for authorizationprotected abstract String getErrorMessage(ActionContext context, ActionConfig actionConfig)
Retrieve error message from context.
context
- The Context
for the current requestactionConfig
- The current action mapping
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |