Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES
SUMMARY:  INNER | FIELD | CONSTR | METHOD DETAIL:  FIELD | CONSTR | METHOD

oracle.portal.provider.v1.http
Class URLSecurityManager

oracle.portal.provider.v1.http.URLSecurityManager
public class URLSecurityManager

URLSecurityManager determines if the user has right permissions for viewing the portlet. It allows the user if the portlet he/she is trying to view is publicly accessible i.e., with <accessControl>public.<accessControl>. Else a check for authorization is made. Otherwise, permission will be given only if he/she is having valid credentials.

See Also:
PortletSecurityManager

Constructor Summary
URLSecurityManager()
           
 
Method Summary
 java.lang.String getAuthorizType()
           
 boolean hasAccess(oracle.portal.provider.v1.Portlet p, oracle.portal.provider.v1.ProviderUser user)
          Verifies whether the user is authorized to use this Portlet.
 boolean hasAccess(oracle.portal.provider.v1.PortletReference pref, oracle.portal.provider.v1.ProviderUser user)
          Verifies whether the user is authorized to use this particular portlet instance.
 void setAuthorizType(java.lang.String at)
           
 

Constructor Detail

URLSecurityManager

public URLSecurityManager()
Method Detail

setAuthorizType

public void setAuthorizType(java.lang.String at)

getAuthorizType

public java.lang.String getAuthorizType()

hasAccess

public boolean hasAccess(oracle.portal.provider.v1.Portlet p,
                         oracle.portal.provider.v1.ProviderUser user)
Verifies whether the user is authorized to use this Portlet. That is does this user have the necessary privileges to create, get, copy, and destroy instances of this Portlet.
Parameters:
p - the portlet which we want to authorize access to.
user - the current user we are being asked to authorize.
Returns:
true is this user is authorized to access this portlet.

hasAccess

public boolean hasAccess(oracle.portal.provider.v1.PortletReference pref,
                         oracle.portal.provider.v1.ProviderUser user)
Verifies whether the user is authorized to use this particular portlet instance. Generally, this check will only be made of the default instance as it is assumed you cannot be denied access to the default while having access to the customized instance, and in turn must always have access to your customized version if you have access to the default. However, if asked to authorize a particular instance the PortletNotFoundException should be thrown if that instance doesn't exist (even if the default does).
Parameters:
ref - portlet reference that identifies the instant
user - the current user we are being asked to authorize.
Returns:
true is this user is authorized to access this portlet instance.
 Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES
SUMMARY:  INNER | FIELD | CONSTR | METHOD DETAIL:  FIELD | CONSTR | METHOD