org.apache.turbine.modules.actions
Class AccessController
java.lang.Object
org.apache.turbine.modules.Assembler
org.apache.turbine.modules.Action
org.apache.turbine.modules.actions.AccessController
public class AccessController
- extends Action
This action doPerforms an Access Control List and places it into
the RunData object, so it is easily available to modules. The ACL
is also placed into the session. Modules can null out the ACL to
force it to be rebuilt based on more information.
Turbine uses a User-Role-Permission arrangement for access control.
Users are assigned Roles. Roles are assigned Permissions. Turbine
modules then check the Permission required for an action or
information with the set of Permissions currently associated with
the session (which are dependent on the user associated with the
session.)
The criteria for assigning Roles/Permissions is application
dependent, in some cases an application may change a User's Roles
during the session. To achieve flexibility, the ACL takes an
Object parameter, which the application can use to doPerform the
ACL.
This action is special in that it should only be executed by the
Turbine servlet.
- Version:
- $Id: AccessController.java 1066529 2011-02-02 17:01:46Z ludwig $
- Author:
- John D. McNally, Brett McLaughlin, Quinton McCombs, Peter Courcoux
Method Summary |
void |
doPerform(PipelineData pipelineData)
If there is a user and the user is logged in, doPerform will
set the RunData ACL. |
void |
doPerform(RunData data)
Deprecated. Use PipelineData version instead. |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
AccessController
public AccessController()
doPerform
@Deprecated
public void doPerform(RunData data)
throws TurbineSecurityException
- Deprecated. Use PipelineData version instead.
- If there is a user and the user is logged in, doPerform will
set the RunData ACL. The list is first sought from the current
session, otherwise it is loaded through
TurbineSecurity.getACL()
and added to the current
session.
- Specified by:
doPerform
in class Action
- Parameters:
data
- Turbine information.
- Throws:
TurbineSecurityException
- problem with the security service.- See Also:
TurbineSecurity
doPerform
public void doPerform(PipelineData pipelineData)
throws TurbineSecurityException
- If there is a user and the user is logged in, doPerform will
set the RunData ACL. The list is first sought from the current
session, otherwise it is loaded through
TurbineSecurity.getACL()
and added to the current
session.
- Overrides:
doPerform
in class Action
- Parameters:
data
- Turbine information.
- Throws:
TurbineSecurityException
- problem with the security service.- See Also:
TurbineSecurity
Copyright © 2000-2011 The Apache Software Foundation. All Rights Reserved.