Overview  Package   Class  Tree  Deprecated  Index  Help 
OracleAS PDK for Java 9.0.4.0.2
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

oracle.portal.provider.v2.security
Class AuthLevelSecurityManager

java.lang.Object
  |
  +--oracle.portal.provider.v2.security.PortletSecurityManager
        |
        +--oracle.portal.provider.v2.security.AuthLevelSecurityManager
All Implemented Interfaces:
Validateable
public class AuthLevelSecurityManager
extends PortletSecurityManager
implements Validateable

DefaultSecurityManager is a simple access controller for a portlet that uses a user's authentication level to control access. A user will be granted access to a portlet if his/her authentication level is greater than or equal to the security level that has been specified for the security manager.

If you do not specify a security level for the security manager, it will default to the most secure level of operation

Field Summary
static java.lang.String PUBLIC
           
static java.lang.String STRONG
           
static java.lang.String WEAK
           
 
Constructor Summary
AuthLevelSecurityManager()
           
 
Method Summary
 boolean hasAccess(PortletReference ref, ProviderUser user)
          Verifies that the specified user's authentication level is greater than or equal to the specified security threshhold.
 boolean hasAccess(ProviderInstance pi, PortletDefinition pd, ProviderUser user)
          Verifies that the specified user's authentication level is greater than or equal to the specified security threshhold.
 void setSecurityLevel(int level)
          Sets the security threshhold for this security manager.
 void setSecurityLevel(java.lang.String level)
          Sets the security threshhold for this security manager.
 void validate(java.lang.String context, ValidationError errors)
          Validates the internal state of this AuthLevelSecurityManager instance.
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

STRONG

public static final java.lang.String STRONG
See Also:
Constant Field Values

WEAK

public static final java.lang.String WEAK
See Also:
Constant Field Values

PUBLIC

public static final java.lang.String PUBLIC
See Also:
Constant Field Values
Constructor Detail

AuthLevelSecurityManager

public AuthLevelSecurityManager()
Method Detail

hasAccess

public boolean hasAccess(ProviderInstance pi,
                         PortletDefinition pd,
                         ProviderUser user)
Verifies that the specified user's authentication level is greater than or equal to the specified security threshhold.

Specified by:
hasAccess in class PortletSecurityManager
Parameters:
pi - the provider instance from which the portlet is being accessed.
pd - the definition of the portlet which we want to authorize access to.
user - the current user we are being asked to authorize.
Returns:
true is this user is authorized to access this portlet.

hasAccess

public boolean hasAccess(PortletReference ref,
                         ProviderUser user)
                  throws PortletNotFoundException
Verifies that the specified user's authentication level is greater than or equal to the specified security threshhold.

Specified by:
hasAccess in class PortletSecurityManager
Parameters:
user - the current user we are being asked to authorize.
ref - portlet reference
Returns:
true is this user is authorized to access this portlet instance.
PortletNotFoundException

setSecurityLevel

public void setSecurityLevel(java.lang.String level)
                      throws java.lang.IllegalStateException
Sets the security threshhold for this security manager. This version of the method is intended for use by Providers that are initialized via the provider.xml file & it supports a reduced subset of the authentication levels for simplicity

Parameters:
level - String representation of the security level
java.lang.IllegalStateException

setSecurityLevel

public void setSecurityLevel(int level)
                      throws java.lang.IllegalStateException
Sets the security threshhold for this security manager. This version of the setSecurityLevel method supports the full range of security levels supported by the Portal.

Parameters:
level - integer representation of the security level
java.lang.IllegalStateException

validate

public void validate(java.lang.String context,
                     ValidationError errors)
Validates the internal state of this AuthLevelSecurityManager instance. Errors found are reported using the supplied ValidationError instance.

Specified by:
validate in interface Validateable
Parameters:
context - The context of the calling instance.
errors - The current list of errors.
Overview  Package   Class  Tree  Deprecated  Index  Help 
OracleAS PDK for Java 9.0.4.0.2
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright (c) 2002,2003 Oracle Corporation. All Rights Reserved.