[jboss-cvs] jboss-seam/src/main/org/jboss/seam/security ...
Shane Bryzak
sbryzak at redhat.com
Tue Nov 13 23:57:41 EST 2007
User: sbryzak2
Date: 07/11/13 23:57:40
Modified: src/main/org/jboss/seam/security FacesSecurityEvents.java
Identity.java RuleBasedIdentity.java
Log:
extend securityEnabled functionality to hasRole(), hasPermission(), etc calls; removed redundant creation event
Revision Changes Path
1.4 +1 -1 jboss-seam/src/main/org/jboss/seam/security/FacesSecurityEvents.java
(In the diff below, changes in quantity of whitespace are not shown.)
Index: FacesSecurityEvents.java
===================================================================
RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/security/FacesSecurityEvents.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -b -r1.3 -r1.4
--- FacesSecurityEvents.java 14 Nov 2007 02:26:44 -0000 1.3
+++ FacesSecurityEvents.java 14 Nov 2007 04:57:40 -0000 1.4
@@ -36,7 +36,7 @@
return "org.jboss.seam.security.username";
}
- @Observer(Identity.EVENT_INIT_IDENTITY)
+ @Observer("org.jboss.seam.postCreate.org.jboss.seam.security.identity")
public void initCredentialsFromCookie(Identity identity)
{
FacesContext ctx = FacesContext.getCurrentInstance();
1.107 +7 -5 jboss-seam/src/main/org/jboss/seam/security/Identity.java
(In the diff below, changes in quantity of whitespace are not shown.)
Index: Identity.java
===================================================================
RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/security/Identity.java,v
retrieving revision 1.106
retrieving revision 1.107
diff -u -b -r1.106 -r1.107
--- Identity.java 14 Nov 2007 02:26:44 -0000 1.106
+++ Identity.java 14 Nov 2007 04:57:40 -0000 1.107
@@ -58,7 +58,6 @@
@Startup
public class Identity implements Serializable
{
- public static final String EVENT_INIT_IDENTITY = "org.jboss.seam.security.initIdentity";
public static final String EVENT_LOGIN_SUCCESSFUL = "org.jboss.seam.security.loginSuccessful";
public static final String EVENT_LOGIN_FAILED = "org.jboss.seam.security.loginFailed";
public static final String EVENT_NOT_LOGGED_IN = "org.jboss.seam.security.notLoggedIn";
@@ -69,7 +68,7 @@
public static final String EVENT_CREDENTIALS_UPDATED = "org.jboss.seam.security.credentialsUpdated";
public static final String EVENT_REMEMBER_ME = "org.jboss.seam.security.rememberMe";
- private static boolean securityEnabled = true;
+ protected static boolean securityEnabled = true;
public static final String ROLES_GROUP = "Roles";
@@ -104,7 +103,6 @@
public void create()
{
subject = new Subject();
- Events.instance().raiseEvent(EVENT_INIT_IDENTITY, this);
}
public static boolean isSecurityEnabled()
@@ -193,6 +191,8 @@
*/
public void checkRestriction(String expr)
{
+ if (!securityEnabled) return;
+
if ( !evaluateExpression(expr) )
{
if ( !isLoggedIn() )
@@ -357,6 +357,8 @@
*/
public boolean hasRole(String role)
{
+ if (!securityEnabled) return true;
+
isLoggedIn(true);
for ( Group sg : getSubject().getPrincipals(Group.class) )
@@ -490,7 +492,7 @@
*/
public boolean hasPermission(String name, String action, Object...arg)
{
- return false;
+ return !securityEnabled;
}
/**
1.20 +2 -2 jboss-seam/src/main/org/jboss/seam/security/RuleBasedIdentity.java
(In the diff below, changes in quantity of whitespace are not shown.)
Index: RuleBasedIdentity.java
===================================================================
RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/security/RuleBasedIdentity.java,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -b -r1.19 -r1.20
--- RuleBasedIdentity.java 12 Nov 2007 10:59:14 -0000 1.19
+++ RuleBasedIdentity.java 14 Nov 2007 04:57:40 -0000 1.20
@@ -21,10 +21,8 @@
import org.jboss.seam.annotations.Scope;
import org.jboss.seam.annotations.Startup;
import org.jboss.seam.annotations.intercept.BypassInterceptors;
-import org.jboss.seam.core.Events;
import org.jboss.seam.log.LogProvider;
import org.jboss.seam.log.Logging;
-import org.jboss.seam.web.Session;
/**
* Identity implementation that supports permission
@@ -114,6 +112,8 @@
@Override
public boolean hasPermission(String name, String action, Object...arg)
{
+ if (!securityEnabled) return true;
+
StatefulSession securityContext = getSecurityContext();
if (securityContext == null) return false;
More information about the jboss-cvs-commits
mailing list