Author: shane.bryzak(a)jboss.com
Date: 2008-02-03 22:24:52 -0500 (Sun, 03 Feb 2008)
New Revision: 7353
Modified:
trunk/src/main/org/jboss/seam/security/Identity.java
trunk/src/main/org/jboss/seam/security/RuleBasedIdentity.java
Log:
clean up javadoc, use accessor methods
Modified: trunk/src/main/org/jboss/seam/security/Identity.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/Identity.java 2008-02-04 03:12:48 UTC (rev
7352)
+++ trunk/src/main/org/jboss/seam/security/Identity.java 2008-02-04 03:24:52 UTC (rev
7353)
@@ -42,14 +42,11 @@
import org.jboss.seam.web.Session;
/**
- * API for authorization and authentication via
- * Seam security. This base implementation
- * supports role-based authorization only.
- * Subclasses may add more sophisticated
- * permissioning mechanisms.
+ * API for authorization and authentication via Seam security. This base
+ * implementation supports role-based authorization only. Subclasses may add
+ * more sophisticated permissioning mechanisms.
*
* @author Shane Bryzak
- *
*/
@Name("org.jboss.seam.security.identity")
@Scope(SESSION)
@@ -307,9 +304,7 @@
}
/**
- * Removes all Role objects from the security context, removes the "Roles"
- * group from the user's subject.
- *
+ * Resets all security state and credentials
*/
public void unAuthenticate()
{
@@ -338,7 +333,7 @@
}
/**
- * Checks if the authenticated Identity is a member of the specified role.
+ * Checks if the authenticated user is a member of the specified role.
*
* @param role String The name of the role to check
* @return boolean True if the user is a member of the specified role
@@ -360,7 +355,10 @@
}
/**
- * Adds a role to the user's subject, and their security context
+ * Adds a role to the authenticated user. If the user is not logged in,
+ * the role will be added to a list of roles that will be granted to the
+ * user upon successful authentication, but only during the authentication
+ * process.
*
* @param role The name of the role to add
*/
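Review bot: The new addRole javadoc leaves the unauthenticated case ambiguous, because "but only during the authentication process" can be read either as limiting when a role may be queued or as limiting how long the granted role lasts. Since this sentence describes roles that are recorded before the user has been authenticated, it should say exactly when the queued roles are applied and when the queue is discarded; the visible lines do not show either. A wording such as `* If the user is not yet authenticated, the role is queued and is granted only if the current authentication attempt succeeds.` would be clearer, provided it matches the implementation. The method body lies outside this hunk, so the behaviour needs confirming against it.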
@@ -391,7 +389,7 @@
}
/**
- * Removes a role from the user's subject and their security context
+ * Removes a role from the authenticated user
*
* @param role The name of the role to remove
*/
@@ -417,11 +415,11 @@
}
/**
- * Assert that the current authenticated Identity is a member of
+ * Checks that the current authenticated user is a member of
* the specified role.
*
* @param role String The name of the role to check
- * @throws AuthorizationException if not a member
+ * @throws AuthorizationException if the authenticated user is not a member of the
role
*/
public void checkRole(String role)
{
@@ -443,7 +441,7 @@
}
/**
- * Assert that the current authenticated Identity has permission for
+ * Checks that the current authenticated user has permission for
* the specified name and action
*
* @param name String The permission name
@@ -523,8 +521,7 @@
* @return boolean The result of the expression evaluation
*/
protected boolean evaluateExpression(String expr)
- {
- // The following line doesn't work in MyFaces
+ {
return Expressions.instance().createValueExpression(expr,
Boolean.class).getValue();
}
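Review bot: Deleting `// The following line doesn't work in MyFaces` removes the only record of that incompatibility, and the commit message does not say it was resolved. If the limitation still applies, it belongs in the javadoc of evaluateExpression as a documented caveat rather than being dropped. Because the result of this method presumably feeds authorization decisions, the javadoc should also state what is returned or thrown when the expression cannot be evaluated. The javadoc starts outside this hunk.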
Modified: trunk/src/main/org/jboss/seam/security/RuleBasedIdentity.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/RuleBasedIdentity.java 2008-02-04 03:12:48 UTC
(rev 7352)
+++ trunk/src/main/org/jboss/seam/security/RuleBasedIdentity.java 2008-02-04 03:24:52 UTC
(rev 7353)
@@ -57,17 +57,17 @@
protected void initSecurityContext()
{
- if (securityRules==null)
+ if (getSecurityRules() == null)
{
- securityRules = (RuleBase) Component.getInstance(RULES_COMPONENT_NAME, true);
+ setSecurityRules((RuleBase) Component.getInstance(RULES_COMPONENT_NAME, true));
}
- if (securityRules != null)
+ if (getSecurityRules() != null)
{
- securityContext = securityRules.newStatefulSession(false);
+ setSecurityContext(getSecurityRules().newStatefulSession(false));
}
- if (securityContext == null)
+ if (getSecurityContext() == null)
{
log.warn("no security rule base available - please install a RuleBase with
the name '" +
RULES_COMPONENT_NAME + "' if permission checks are
required.");
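Review bot: initSecurityContext() installs a new session with `setSecurityContext(getSecurityRules().newStatefulSession(false))` without disposing a context that may already be set, so a caller that has not cleared it first would leave the previous session, and whatever facts it holds, undisposed. unAuthenticate() in this commit disposes before calling in, but other callers are not visible here. Consider disposing an existing context inside the second `if`, or documenting that callers must clear it first. Reading `getSecurityRules()` once into a local would also avoid three calls to an accessor that a subclass could override to return different values between checks. The method continues past the end of this hunk.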
@@ -144,7 +144,11 @@
public void unAuthenticate()
{
super.unAuthenticate();
- setSecurityContext(null);
+ if (getSecurityContext() != null)
+ {
+ getSecurityContext().dispose();
+ setSecurityContext(null);
+ }
initSecurityContext();
}
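Review bot: If `getSecurityContext().dispose()` throws in unAuthenticate(), both `setSecurityContext(null)` and `initSecurityContext()` are skipped, so the identity keeps a reference to the old session with the previous user's state still in it. Clearing the reference in a finally block keeps the reset fail-safe: `try { getSecurityContext().dispose(); } finally { setSecurityContext(null); }`. The same dispose-then-null sequence is repeated in logout() in the following hunk, so a small private helper would keep the two paths from drifting apart.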
@@ -224,10 +228,10 @@
public void logout()
{
// Explicitly destroy the security context
- if (securityContext != null)
+ if (getSecurityContext() != null)
{
- securityContext.dispose();
- securityContext = null;
+ getSecurityContext().dispose();
+ setSecurityContext(null);
}
super.logout();