Author: shane.bryzak(a)jboss.com Date: 2008-02-03 22:24:52 -0500 (Sun, 03 Feb 2008) New Revision: 7353 Modified: trunk/src/main/org/jboss/seam/security/Identity.java trunk/src/main/org/jboss/seam/security/RuleBasedIdentity.java Log: clean up javadoc, use accessor methods Modified: trunk/src/main/org/jboss/seam/security/Identity.java =================================================================== --- trunk/src/main/org/jboss/seam/security/Identity.java 2008-02-04 03:12:48 UTC (rev 7352) +++ trunk/src/main/org/jboss/seam/security/Identity.java 2008-02-04 03:24:52 UTC (rev 7353) @@ -42,14 +42,11 @@ import org.jboss.seam.web.Session; /** - * API for authorization and authentication via - * Seam security. This base implementation - * supports role-based authorization only. - * Subclasses may add more sophisticated - * permissioning mechanisms. + * API for authorization and authentication via Seam security. This base + * implementation supports role-based authorization only. Subclasses may add + * more sophisticated permissioning mechanisms. * * @author Shane Bryzak - * */ @Name("org.jboss.seam.security.identity") @Scope(SESSION) @@ -307,9 +304,7 @@ } /** - * Removes all Role objects from the security context, removes the "Roles" - * group from the user's subject. - * + * Resets all security state and credentials */ public void unAuthenticate() { @@ -338,7 +333,7 @@ } /** - * Checks if the authenticated Identity is a member of the specified role. + * Checks if the authenticated user is a member of the specified role. * * @param role String The name of the role to check * @return boolean True if the user is a member of the specified role @@ -360,7 +355,10 @@ } /** - * Adds a role to the user's subject, and their security context + * Adds a role to the authenticated user. If the user is not logged in, + * the role will be added to a list of roles that will be granted to the + * user upon successful authentication, but only during the authentication + * process. * * @param role The name of the role to add */ @@ -391,7 +389,7 @@ } /** - * Removes a role from the user's subject and their security context + * Removes a role from the authenticated user * * @param role The name of the role to remove */ @@ -417,11 +415,11 @@ } /** - * Assert that the current authenticated Identity is a member of + * Checks that the current authenticated user is a member of * the specified role. * * @param role String The name of the role to check - * @throws AuthorizationException if not a member + * @throws AuthorizationException if the authenticated user is not a member of the role */ public void checkRole(String role) { @@ -443,7 +441,7 @@ } /** - * Assert that the current authenticated Identity has permission for + * Checks that the current authenticated user has permission for * the specified name and action * * @param name String The permission name @@ -523,8 +521,7 @@ * @return boolean The result of the expression evaluation */ protected boolean evaluateExpression(String expr) - { - // The following line doesn't work in MyFaces + { return Expressions.instance().createValueExpression(expr, Boolean.class).getValue(); } Modified: trunk/src/main/org/jboss/seam/security/RuleBasedIdentity.java =================================================================== --- trunk/src/main/org/jboss/seam/security/RuleBasedIdentity.java 2008-02-04 03:12:48 UTC (rev 7352) +++ trunk/src/main/org/jboss/seam/security/RuleBasedIdentity.java 2008-02-04 03:24:52 UTC (rev 7353) @@ -57,17 +57,17 @@ protected void initSecurityContext() { - if (securityRules==null) + if (getSecurityRules() == null) { - securityRules = (RuleBase) Component.getInstance(RULES_COMPONENT_NAME, true); + setSecurityRules((RuleBase) Component.getInstance(RULES_COMPONENT_NAME, true)); } - if (securityRules != null) + if (getSecurityRules() != null) { - securityContext = securityRules.newStatefulSession(false); + setSecurityContext(getSecurityRules().newStatefulSession(false)); } - if (securityContext == null) + if (getSecurityContext() == null) { log.warn("no security rule base available - please install a RuleBase with the name '" + RULES_COMPONENT_NAME + "' if permission checks are required."); @@ -144,7 +144,11 @@ public void unAuthenticate() { super.unAuthenticate(); - setSecurityContext(null); + if (getSecurityContext() != null) + { + getSecurityContext().dispose(); + setSecurityContext(null); + } initSecurityContext(); } @@ -224,10 +228,10 @@ public void logout() { // Explicitly destroy the security context - if (securityContext != null) + if (getSecurityContext() != null) { - securityContext.dispose(); - securityContext = null; + getSecurityContext().dispose(); + setSecurityContext(null); } super.logout();