Version 4.7.1

hirondelle.web4j.security
Class UntrustedProxyForUserIdImpl

Object
  extended by hirondelle.web4j.security.UntrustedProxyForUserIdImpl
All Implemented Interfaces:
UntrustedProxyForUserId

public final class UntrustedProxyForUserIdImpl
extends Object
implements UntrustedProxyForUserId

Default implementation of UntrustedProxyForUserId.

This implementation depends on settings in web.xml, which are read in by init(ServletConfig). Later, each request URL is parsed by usesUntrustedIdentifier(RequestParser), and an attempt is made to find a match to the aforementioned settings in web.xml.


Constructor Summary
UntrustedProxyForUserIdImpl()
           
 
Method Summary
static void init(ServletConfig aConfig)
          Read in the values of an optional init-param in web.xml named UntrustedProxyForUserId.
 boolean usesUntrustedIdentifier(RequestParser aRequestParser)
          Return true only if the given request matches one of the items defined by the UntrustedProxyForUserId setting in web.xml.
 
Methods inherited from class Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

UntrustedProxyForUserIdImpl

public UntrustedProxyForUserIdImpl()
Method Detail

init

public static void init(ServletConfig aConfig)
Read in the values of an optional init-param in web.xml named UntrustedProxyForUserId.

This class uses settings in web.xml to define requests having ownership constraints that use an untrusted proxy for the user id. The style is roughly similar to that used for role-based constraints. Here is an example of several such ownership constraints defined in web.xml:

<init-param>
  <description>
    Operations having an ownership constraint that uses an untrusted identifier. 
  </description>
  <param-name>UntrustedProxyForUserId</param-name>
  <param-value>
    FoodAction.*
    VacationAction.add
    VacationAction.delete
  </param-value>
</init-param>

Each line is treated as a separate constraint. You can define as many as required. The period character separates the 'noun' (the Action) from the 'verb' (the Operation).

The special '*' character refers to all verbs/operations attached to a given noun/action.


usesUntrustedIdentifier

public boolean usesUntrustedIdentifier(RequestParser aRequestParser)
Return true only if the given request matches one of the items defined by the UntrustedProxyForUserId setting in web.xml.

For example, given the URL:

'.../VacationAction.list?X=Y'
this method will parse the URL into a 'noun' and a 'verb':
noun: 'VacationAction'
verb: 'list'
It will then compare the noun-and-verb to the settings defined in web.xml (see init(ServletConfig)). If there is a match, then this method returns true.

Specified by:
usesUntrustedIdentifier in interface UntrustedProxyForUserId
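
The parsing and matching described for init and usesUntrustedIdentifier, as an added example that is not WEB4J source code. The class name OwnershipConstraintMatcher, the String-based signatures (used in place of ServletConfig and RequestParser), the rejection of malformed lines, and the stripping of ';' path parameters are assumptions made for illustration.

```java
import java.util.HashSet;
import java.util.Set;

/** Hypothetical sketch of the noun.verb matching described above; not WEB4J source. */
public final class OwnershipConstraintMatcher {
  private final Set<String> constraints = new HashSet<>();

  /** Takes the raw param-value text: one 'Noun.verb' or 'Noun.*' item per line. */
  public OwnershipConstraintMatcher(String paramValue) {
    for (String line : paramValue.split("\\R")) {
      String item = line.trim();
      if (item.isEmpty()) continue;
      int dot = item.indexOf('.');
      if (dot <= 0 || dot != item.lastIndexOf('.') || dot == item.length() - 1) {
        // Fail at startup: a silently skipped line leaves an operation unchecked.
        throw new IllegalArgumentException("Bad constraint: '" + item + "'");
      }
      constraints.add(item);
    }
  }

  /** True only if the URL's noun.verb matches a configured item. */
  public boolean usesUntrustedIdentifier(String url) {
    String path = url.split("[?#]", 2)[0];               // drop query and fragment
    String last = path.substring(path.lastIndexOf('/') + 1);
    // Assumption: ';jsessionid=...' style path parameters may be appended by the
    // container; strip them so they cannot hide the verb from the comparison.
    last = last.split(";", 2)[0];
    int dot = last.lastIndexOf('.');
    if (dot <= 0 || dot == last.length() - 1) return false; // no noun.verb present
    String noun = last.substring(0, dot);
    String verb = last.substring(dot + 1);
    return constraints.contains(noun + "." + verb) || constraints.contains(noun + ".*");
  }

  public static void main(String[] args) {
    // Constructed input: the param-value from the web.xml example above.
    OwnershipConstraintMatcher m = new OwnershipConstraintMatcher(
        "\n    FoodAction.*\n    VacationAction.add\n    VacationAction.delete\n  ");
    String[] urls = {                                     // constructed sample URLs
      "/main/VacationAction.list?X=Y",
      "/main/VacationAction.delete?Id=7",
      "/main/VacationAction.delete;jsessionid=ABC?Id=7",
      "/main/FoodAction.change",
    };
    for (String url : urls) {
      System.out.println(url + " -> " + m.usesUntrustedIdentifier(url));
    }
  }
}
```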

Copyright Hirondelle Systems. Published September 24, 2011.