[jboss-cvs] jboss-seam/src/main/org/jboss/seam/interceptors ...
Shane Bryzak
Shane_Bryzak at symantec.com
Sun Dec 10 19:56:30 EST 2006
User: sbryzak2
Date: 06/12/10 19:56:30
Modified: src/main/org/jboss/seam/interceptors
SecurityInterceptor.java
Log:
rule-based permission check
Revision Changes Path
1.13 +5 -2 jboss-seam/src/main/org/jboss/seam/interceptors/SecurityInterceptor.java
(In the diff below, changes in quantity of whitespace are not shown.)
Index: SecurityInterceptor.java
===================================================================
RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/interceptors/SecurityInterceptor.java,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -b -r1.12 -r1.13
--- SecurityInterceptor.java 4 Dec 2006 01:06:50 -0000 1.12
+++ SecurityInterceptor.java 11 Dec 2006 00:56:30 -0000 1.13
@@ -9,6 +9,7 @@
import org.jboss.seam.annotations.security.Restrict;
import org.jboss.seam.intercept.InvocationContext;
import org.jboss.seam.security.Identity;
+import org.jboss.seam.security.SeamSecurityManager;
/**
* Provides authorization services for component invocations.
@@ -41,7 +42,9 @@
if (!identity.isValid())
throw new SecurityException("Invalid identity");
- /** todo perform restriction check here */
+ if (!SeamSecurityManager.instance().evaluateExpression(r.value()))
+ throw new SecurityException(String.format(
+ "Authorization check failed for expression [%s]", r.value()));
}
return invocation.proceed();
More information about the jboss-cvs-commits
mailing list