Oracle Fusion Middleware Java API Reference for Oracle ADF Controller
11g Release 1 (11.1.1.1.0)

E10651-02

oracle.adf.controller.security
Interface ControllerSecurityManager


public interface ControllerSecurityManager

Provides a mechanism to check security using EL.


Method Summary
 void enforceTransport(TaskFlowId taskFlowId)
          Checks whether the request is using the correct transport (http/https), as defined within the taskflow definition.
 java.util.Map<java.lang.String,ActivitySecurity> getActivity()
          Returns a map of activity security based on permissions.
 oracle.adf.share.security.binding.BindingPermission getBindingPermission(TaskFlowId taskFlowId)
          Returns the BindingPermission object for this TaskFlowId.
 java.util.Map<java.lang.String,ActivitySecurity> getOutcome()
          Returns a map of taskflow security based on outcomes.
 java.util.Map<java.lang.String,ActivitySecurity> getPermission()
          Returns a map of taskflow security based on permissions.
 TaskFlowPermission getPermission(TaskFlowId taskFlowId, java.lang.String action)
          Gets the TaskFlowPermission that should be checked for a given taskflow and operation.
 java.util.Map<java.lang.String,ActivitySecurity> getTaskflow()
          Returns a map of taskflow security based on taskflow id.
 boolean isValidTransport(TaskFlowId taskFlowId)
          Determines whether the current transport (http/https) is acceptable for the specified taskflow.
 boolean isViewAuthorized(TaskFlowId taskFlowId)
          Determines whether the subject has authorization to VIEW the specified taskflow.
 

Method Detail

getTaskflow

java.util.Map<java.lang.String,ActivitySecurity> getTaskflow()
Returns a map of taskflow security based on taskflow id. The key to the Map is the TaskFlowId as a string.
The object returned is an instance of ActivitySecurity.
For example, to see whether the taskflow /WEB-INF/mytask.xml is authorized for the current user, you would use EL of the form #{controllerContext.security.taskflow['/WEB-INF/mytask.xml'].viewAuthorized}

Returns:
the security map.

getOutcome

java.util.Map<java.lang.String,ActivitySecurity> getOutcome()
Returns a map of taskflow security based on outcomes. The key to the Map is the outcome string.
The object returned is an instance of ActivitySecurity.
For example, to see whether the outcome 'enter' is authorized for the current user, you would use EL of the form #{controllerContext.security.outcome.enter.viewAuthorized}

Returns:
the security map.

getPermission

java.util.Map<java.lang.String,ActivitySecurity> getPermission()
Returns a map of taskflow security based on permissions. The key to the Map is the target for the permission check. All other values for the Permission instance will be defaulted.
The object returned is an instance of ActivitySecurity.
For example, to see whether the user has permission to enter the taskflow 'mytask' within the document /WEB-INF/mytask.xml you would use EL of the form #{controllerContext.security.permission['/WEB-INF/mytask.xml#mytask'].viewAuthorized} The primary advantage of this method is that it does not require the taskflow to be read to determine the permission - we have enough information in the EL. The primary disadvantage is that it is brittle.

Returns:
the security map.

getActivity

java.util.Map<java.lang.String,ActivitySecurity> getActivity()
Returns a map of activity security based on permissions. The key to the Map is the name of the activity.

The activity must be within the current taskflow.

The object returned is an instance of ActivitySecurity.
For example, to see whether the view activity 'create-order' is authorized for the current user, you would use EL of the form #{controllerContext.security.activity['create-order'].viewAuthorized}

If the activity is a taskflow-call activity, then the value returned reflects the security on the taskflow this activity will invoke.

Returns:
the security map.

isViewAuthorized

boolean isViewAuthorized(TaskFlowId taskFlowId)
Determines whether the subject has authorization to VIEW the specified taskflow.

Parameters:
taskFlowId - the taskflow to check
Returns:
true if the appropriate permission is granted; false otherwise.

isValidTransport

boolean isValidTransport(TaskFlowId taskFlowId)
Determines whether the current transport (http/https) is acceptable for the specified taskflow.

Parameters:
taskFlowId - the taskflow to check
Returns:
true if the current transport is acceptable false otherwise.

enforceTransport

void enforceTransport(TaskFlowId taskFlowId)
Checks whether the request is using the correct transport (http/https), as defined within the taskflow definition.

Parameters:
taskFlowId - The taskflow to check
Throws:
InvalidTransportException - when the transport is incorrect.

getPermission

TaskFlowPermission getPermission(TaskFlowId taskFlowId,
                                 java.lang.String action)
Gets the TaskFlowPermission that should be checked for a given taskflow and operation.

Parameters:
taskFlowId - the taskflow identifier
action - the action to be checked.
Returns:
the TaskFlowPermission to be checked.

getBindingPermission

oracle.adf.share.security.binding.BindingPermission getBindingPermission(TaskFlowId taskFlowId)
Returns the BindingPermission object for this TaskFlowId.

Parameters:
taskFlowId - the taskflow id
Returns:
the BindingPermission

Oracle Fusion Middleware Java API Reference for Oracle ADF Controller
11g Release 1 (11.1.1.1.0)

E10651-02

Copyright © 1997, 2009, Oracle. All rights reserved.