| ISCUIAuthorizationProvider |
Defines the behavior expected in any implementation
of authorization in an application. ISCUIAuthorizationProvider
is plugged in to an application using the context parameter in web.xml: |
- hasPermission
Takes in SCUIContext and resourceId. Returns true
if the user in the SecurityContext has any permission to the resource
given by the resourceId. Otherwise, it returns false.
- getPermission
Takes in SCUIContext and resourceId. Returns an
implementation of ISCUIResourcePermission that contains the permission
for the given resourceId.
- init
Handles initialization, like loading the security information
or caching it. This method is called once, when ISCUIAuthorizationProvider
is first set.
- sessionDestroyed
Closes all opened session-specific handles. The
ISCUIAuthorizationProvider class extends the ISCUISessionAware class,
which is a marker class that helps the ISCUIAuthorizationProvider
class register itself to the HttpSessionListener implementation class. When
a session is invalidated or destroyed, the sessionDestroyedmethod
is called by the listener to close the handles opened during initialization.
|
| ISCUIResourcePermission |
Defines the behavior expected in any implementation
of authorization for a given resource ID in an application. ISCUIResourcePermission
is returned by ISCUIAuthorizationProvider after the authorization. |
- canRead
Returns true if the user has permission to read for
a given ResourceId. Otherwise, it returns false.
- canEdit
Returns true if the user has permission to edit for
a given ResourceId. Otherwise, it returns false.
- canExecute
Returns true if the user has permission to execute
for a given ResourceId. Otherwise, it returns false. This could
be the permission control that is used for executing the mashup class.
|
