oracle.portal.provider.v2.security
Class AuthLevelSecurityManager
java.lang.Object
|
+--oracle.portal.provider.v2.security.PortletSecurityManager
|
+--oracle.portal.provider.v2.security.AuthLevelSecurityManager
- All Implemented Interfaces:
- Validateable
- public class AuthLevelSecurityManager
- extends PortletSecurityManager
- implements Validateable
DefaultSecurityManager is a simple access controller for a portlet that uses
a user's authentication level to control access. A user will be granted
access to a portlet if his/her authentication level is greater than or
equal to the security level that has been specified for the security manager.
If you do not specify a security level for the security manager, it will
default to the most secure level of operation
|
Field Summary |
static java.lang.String |
PUBLIC
|
static java.lang.String |
STRONG
|
static java.lang.String |
WEAK
|
| Methods inherited from class java.lang.Object |
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
STRONG
public static final java.lang.String STRONG
WEAK
public static final java.lang.String WEAK
PUBLIC
public static final java.lang.String PUBLIC
AuthLevelSecurityManager
public AuthLevelSecurityManager()
hasAccess
public boolean hasAccess(ProviderInstance pi,
PortletDefinition pd,
ProviderUser user)
- Verifies that the specified user's authentication level is greater
than or equal to the specified security threshhold.
- Overrides:
hasAccess in class PortletSecurityManager
- Parameters:
pi - the provider instance from which the portlet is being
accessed.pd - the definition of the portlet which we want to authorize
access to.user - the current user we are being asked to authorize.- Returns:
- true is this user is authorized to access this portlet.
hasAccess
public boolean hasAccess(PortletReference ref,
ProviderUser user)
throws PortletNotFoundException
- Verifies that the specified user's authentication level is greater
than or equal to the specified security threshhold.
- Overrides:
hasAccess in class PortletSecurityManager
- Parameters:
inst - the portlet instanceuser - the current user we are being asked to authorize.- Returns:
- true is this user is authorized to access this portlet instance.
setSecurityLevel
public void setSecurityLevel(java.lang.String level)
throws java.lang.IllegalStateException
- Sets the security threshhold for this security manager.
This version of the method is intended for use by Providers that
are initialized via the provider.xml file & it supports a reduced
subset of the authentication levels for simplicity
- Parameters:
level - String representation of the security level
setSecurityLevel
public void setSecurityLevel(int level)
throws java.lang.IllegalStateException
- Sets the security threshhold for this security manager.
This version of the setSecurityLevel method supports the full range
of security levels supported by the Portal.
- Parameters:
level - integer representation of the security level
validate
public void validate(java.lang.String context,
ValidationError errors)
- Validates the internal state of this
AuthLevelSecurityManager instance. Errors found are
reported using the supplied ValidationError instance.
- Specified by:
validate in interface Validateable
- Parameters:
context - The context of the calling instance.errors - The current list of errors.
Copyright (c) 2002, Oracle Corporation. All Rights Reserved.