Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

ch.security4web.esapi.authentication
Class EsapiAuthorization

java.lang.Object
  extended by javax.faces.component.UIComponent
      extended by javax.faces.component.UIComponentBase
          extended by javax.faces.component.UIOutput
              extended by ch.security4web.esapi.authentication.EsapiAuthorization
All Implemented Interfaces:
javax.faces.component.StateHolder, javax.faces.component.ValueHolder
public class EsapiAuthorization
extends javax.faces.component.UIOutput

The EsapiAuthorized class stores the users information in the user.txt file, that information contains user's role, user's last login time, etc. and based on the information, the users are given the rights to access the presentation layer of the JSF application. The presentation layer is nothing but .XHTML or JSP file

For example :-
<esapi:authorization role="admin">
Admin Content.
<esapi:authorization>

As shown in the above code, The role attribute "admin" of the tag show the content inside the tag is accessible to the admin user only. The user with other role can not have access to the content above. Moreover, the user with "admin" role can have full access to the content of entire page, however, the normal user can not see them, because they don't have right's to see like Admin user.

For example :-
<esapi:authorization role="user">
User Content.
</esapi:authorization>

The User with "user" role could see only data, which is inside the tag but other important data with other roles are not visualized to them.

Field Summary
 
Fields inherited from class javax.faces.component.UIOutput
COMPONENT_FAMILY, COMPONENT_TYPE
 
Constructor Summary
EsapiAuthorization()
          constructor.
 
Method Summary
 void encodeBegin(javax.faces.context.FacesContext context)
          This method render component and sub component inside authorization tag base of user authorization.
 java.lang.String getFamily()
          Give family of this tag
 java.lang.String getRole()
          Get role associated with authorization tag.
 void restoreState(javax.faces.context.FacesContext context, java.lang.Object state)
          Restore value of role in existing facelet context
 java.lang.Object saveState(javax.faces.context.FacesContext context)
          Save state of role associated with authorization tag in facelest context.
 void setRole(java.lang.String role)
          Role is set which is associated with authorization tag.
"admin","user" ext.
 
Methods inherited from class javax.faces.component.UIOutput
getConverter, getLocalValue, getValue, setConverter, setValue
 
Methods inherited from class javax.faces.component.UIComponentBase
broadcast, decode, encodeChildren, encodeEnd, findComponent, getAttributes, getChildCount, getChildren, getClientId, getFacet, getFacetCount, getFacets, getFacetsAndChildren, getId, getParent, getRendererType, getRendersChildren, getValueBinding, getValueExpression, invokeOnComponent, isRendered, isTransient, processDecodes, processRestoreState, processSaveState, processUpdates, processValidators, queueEvent, restoreAttachedState, saveAttachedState, setId, setParent, setRendered, setRendererType, setTransient, setValueBinding, setValueExpression
 
Methods inherited from class javax.faces.component.UIComponent
encodeAll, getContainerClientId
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

EsapiAuthorization

public EsapiAuthorization()
constructor.

Since:
1.0
Method Detail

saveState

public java.lang.Object saveState(javax.faces.context.FacesContext context)
Save state of role associated with authorization tag in facelest context.

Specified by:
saveState in interface javax.faces.component.StateHolder
Overrides:
saveState in class javax.faces.component.UIOutput
Parameters:
context - facelet Context
Returns:
Array object which has context in first place(location) and return role in second place(location).
Since:
1.0

restoreState

public void restoreState(javax.faces.context.FacesContext context,
                         java.lang.Object state)
Restore value of role in existing facelet context

Specified by:
restoreState in interface javax.faces.component.StateHolder
Overrides:
restoreState in class javax.faces.component.UIOutput
Parameters:
context - facelet context
state - state of role to be restored in existing context.
Since:
1.0

getFamily

public java.lang.String getFamily()
Give family of this tag

Overrides:
getFamily in class javax.faces.component.UIOutput
Returns:
tag belongs to esapi.authorization family.
Since:
1.0

getRole

public java.lang.String getRole()
Get role associated with authorization tag.

Returns:
Role name
Since:
1.0

setRole

public void setRole(java.lang.String role)
Role is set which is associated with authorization tag.
"admin","user" ext.

Parameters:
role - role name

encodeBegin

public void encodeBegin(javax.faces.context.FacesContext context)
                 throws java.io.IOException
This method render component and sub component inside authorization tag base of user authorization. role="admin" could see all page content. role="user" could visualized only public content on the page and "user". but not able to see "admin" content.

Overrides:
encodeBegin in class javax.faces.component.UIComponentBase
Parameters:
context - facelet context
Throws:
java.io.IOException - throws IOException when user is not found inside user.txt file.
Since:
1.0
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD