[jboss-cvs] jboss-seam/src/main/org/jboss/seam/interceptors ...
Shane Bryzak
Shane_Bryzak at symantec.com
Tue Oct 17 19:50:47 EDT 2006
User: sbryzak2
Date: 06/10/17 19:50:47
Modified: src/main/org/jboss/seam/interceptors
SecurityInterceptor.java
Log:
Object-level security groundwork
Revision Changes Path
1.4 +14 -3 jboss-seam/src/main/org/jboss/seam/interceptors/SecurityInterceptor.java
(In the diff below, changes in quantity of whitespace are not shown.)
Index: SecurityInterceptor.java
===================================================================
RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/interceptors/SecurityInterceptor.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -b -r1.3 -r1.4
--- SecurityInterceptor.java 16 Oct 2006 00:34:27 -0000 1.3
+++ SecurityInterceptor.java 17 Oct 2006 23:50:47 -0000 1.4
@@ -6,10 +6,11 @@
import org.jboss.seam.Component;
import org.jboss.seam.annotations.Interceptor;
+import org.jboss.seam.annotations.Permission;
import org.jboss.seam.annotations.Secure;
-import org.jboss.seam.security.SeamSecurityManager;
import org.jboss.seam.security.Authentication;
import org.jboss.seam.security.AuthenticationException;
+import org.jboss.seam.security.SeamSecurityManager;
/**
* Provides authorization services for component invocations.
@@ -84,9 +85,19 @@
}
// No roles match, check permissions
+ try
+ {
if (sec.permissions().length > 0)
{
-// SeamSecurityManager.instance().checkAcls();
+ for (Permission p : sec.permissions())
+ {
+ SeamSecurityManager.instance().checkPermission(p.name(), p.action());
+ }
+ }
+ }
+ catch (SecurityException ex)
+ {
+ // Fall through to error page
}
// Authorization has failed.. redirect the user to an error page
More information about the jboss-cvs-commits
mailing list