|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectcom.silverpeas.web.UserPriviledgeValidation
@Named public class UserPriviledgeValidation
It is a decorator of a REST-based web service that provides access to the validation of the authentification and of the authorization for a caller to request the decorated web service. Indeed, the validation mechanisme is encapsulated within the RESTWebService as it requires access to the incoming HTTP request as well to the current user session if any. In order to delegate externally the validation triggering,
Field Summary | |
---|---|
static String |
HTTP_AUTHORIZATION
The standard HTTP header parameter in an incoming request that carries user credentials information in order to open an authorized connexion with the web service that backs the refered resource. |
static String |
HTTP_SESSIONKEY
The HTTP header paremeter in an incoming request that carries the user session key. |
Constructor Summary | |
---|---|
UserPriviledgeValidation()
|
Method Summary | |
---|---|
UserPriviledgeValidation |
skipLastUserAccessTimeRegistering(javax.servlet.http.HttpServletRequest request)
Sets into the request attributes the SKIP_LAST_USER_ACCESS_TIME_REGISTERING attribute to true. |
SessionInfo |
validateUserAuthentication(javax.servlet.http.HttpServletRequest request)
Validates the authentication of the user at the origin of a web request. |
void |
validateUserAuthorizationOnAttachment(javax.servlet.http.HttpServletRequest request,
UserDetail user,
SimpleDocument doc)
Validates the authorization of the specified user to access the specified attachment. |
void |
validateUserAuthorizationOnComponentInstance(UserDetail user,
String instanceId)
Validates the authorization of the specified user to access the component instance with the specified unique identifier. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static final String HTTP_SESSIONKEY
public static final String HTTP_AUTHORIZATION
Constructor Detail |
---|
public UserPriviledgeValidation()
Method Detail |
---|
public SessionInfo validateUserAuthentication(javax.servlet.http.HttpServletRequest request) throws javax.ws.rs.WebApplicationException
request
- the HTTP request from which the authentication of the caller can be done.
javax.ws.rs.WebApplicationException
- exception if the validation failed.public UserPriviledgeValidation skipLastUserAccessTimeRegistering(javax.servlet.http.HttpServletRequest request)
SKIP_LAST_USER_ACCESS_TIME_REGISTERING
attribute to true.
request
- the current request performed.
public void validateUserAuthorizationOnComponentInstance(UserDetail user, String instanceId) throws javax.ws.rs.WebApplicationException
user
- the user for whom the authorization has to be validated.instanceId
- the unique identifier of the accessed component instance.
javax.ws.rs.WebApplicationException
- exception if the validation failed.public void validateUserAuthorizationOnAttachment(javax.servlet.http.HttpServletRequest request, UserDetail user, SimpleDocument doc) throws javax.ws.rs.WebApplicationException
request
- the HTTP request from which the authentication of the caller can be done.user
- the user for whom the authorization has to be validated.doc
- the document accessed.
javax.ws.rs.WebApplicationException
- exception if the validation failed.
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |