org.wicketstuff.security.swarm.strategies
Class SwarmStrategy

java.lang.Object
  org.wicketstuff.security.strategies.WaspAuthorizationStrategy
      org.wicketstuff.security.strategies.ClassAuthorizationStrategy
          org.wicketstuff.security.swarm.strategies.AbstractSwarmStrategy
              org.wicketstuff.security.swarm.strategies.SwarmStrategy

All Implemented Interfaces:

Serializable, org.apache.wicket.authorization.IAuthorizationStrategy

public class SwarmStrategy
extends AbstractSwarmStrategy

Implementation of a ClassAuthorizationStrategy. It allows for both simple logins as well as multi level logins.

Author:

marrink

See Also:

Serialized Form

SwarmStrategy

public SwarmStrategy(Object hiveQueen)

Constructs a new strategy linked to the specified hive.

Parameters:

hiveQueen - A key to retrieve the Hive

SwarmStrategy

public SwarmStrategy(Class<? extends org.wicketstuff.security.components.ISecureComponent> secureClass,
                     Object hiveQueen)

Constructs a new strategy linked to the specified hive.

Parameters:

secureClass - instances of this class will be required to have access authorization.

hiveQueen - A key to retrieve the Hive

getHive

protected final org.wicketstuff.security.hive.Hive getHive()

Returns the hive.

Returns:

the hive.

Throws:

org.wicketstuff.security.strategies.SecurityException - if no hive is registered.

hasPermission

public boolean hasPermission(org.wicketstuff.security.hive.authorization.Permission permission,
                             org.wicketstuff.security.hive.authentication.Subject subject)

Performs the actual permission check at the Hive.

Specified by:

hasPermission in class AbstractSwarmStrategy

Parameters:

permission - the permission to verify

subject - optional subject to test against the permission

Returns:

true if the subject has or implies the permission, false otherwise

Throws:

org.wicketstuff.security.strategies.SecurityException - if the permission is null

logPermissionDenied

protected void logPermissionDenied(org.wicketstuff.security.hive.authorization.Permission permission,
                                   org.wicketstuff.security.hive.authentication.Subject subject)

Logs (if logging is enabled) which permission was denied for a subject. This method does not log directly but prepares an IAuthorizationMessageSource for later retrieval. The following variables are stored: "permission","actions", "subject" and "principals" where principals is a collection of principals that contain the permission and actions is a String representing all the WaspActions required. Note that the subject variable might be null.

Parameters:

permission - permission that was denied.

subject - optional subject

See Also:

WaspAuthorizationStrategy.logMessages(), WaspAuthorizationStrategy.getMessageSource()

login

public void login(Object context)
           throws org.wicketstuff.security.authentication.LoginException

Logs a user in. Note that the context must be an instance of LoginContext.

Specified by:

login in class org.wicketstuff.security.strategies.WaspAuthorizationStrategy

Throws:

org.wicketstuff.security.authentication.LoginException

See Also:

WaspAuthorizationStrategy.login(java.lang.Object)

logoff

public boolean logoff(Object context)

Loggs a user off. Note that the context must be an instance of LoginContext and must be the same (or equal) to the logincontext used to log in.

Specified by:

logoff in class org.wicketstuff.security.strategies.WaspAuthorizationStrategy

See Also:

WaspAuthorizationStrategy.logoff(Object)

getLoginContainer

protected final LoginContainer getLoginContainer()

The LoginContainer keeps track of all Subjects for this session..

Returns:

loginContainer

isUserAuthenticated

public boolean isUserAuthenticated()

Specified by:

isUserAuthenticated in class org.wicketstuff.security.strategies.WaspAuthorizationStrategy

See Also:

WaspAuthorizationStrategy.isUserAuthenticated()