AbstractSecurityService (Granite Data Services API Documentation

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.granite.messaging.service.security
Class AbstractSecurityService

java.lang.Object
  org.granite.messaging.service.security.AbstractSecurityService

All Implemented Interfaces:: SecurityService

Direct Known Subclasses:: GlassFishSecurityService, GlassFishV3SecurityService, Jetty6SecurityService, Tomcat7SecurityService, TomcatSecurityService, WebLogicSecurityService

public abstract class AbstractSecurityService
extends Object
implements SecurityService
extends Object
implements SecurityService

Abstract implementation of the SecurityService interface. This class mainly contains utility methods helping with actual implementations.

Author:: Franck WOLFF

Field Summary
`static String`	`AUTH_TYPE`

Constructor Summary
`AbstractSecurityService()`

Method Summary
`protected String[]`	`decodeBase64Credentials(Object credentials)` Decode credentails encoded in base 64 (in the form of "username:password"), as they have been sent by a RemoteObject.
`protected Object`	`endAuthorization(AbstractSecurityContext context)` Invoke a service method (EJB3, Spring, Seam, etc...) after a successful authorization.
`protected void`	`endLogin(Object credentials)` Try to save current credentials in distributed data, typically a user session attribute.
`protected void`	`endLogout()` Try to remove credentials previously saved in distributed data.
`void`	`handleSecurityException(SecurityServiceException e)` Handle a security exception.
`protected void`	`startAuthorization(AbstractSecurityContext context)` Try to login by using remote credentials (see Flex method RemoteObject.setRemoteCredentials()).
`protected boolean`	`tryRelogin()` Try to re-authenticate the current user with credentials previously saved in distributed data.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Methods inherited from interface org.granite.messaging.service.security.SecurityService
`authorize, configure, login, logout`

Field Detail

AUTH_TYPE

public static final String AUTH_TYPE

See Also:: Constant Field Values

Constructor Detail

AbstractSecurityService

public AbstractSecurityService()

Method Detail

startAuthorization

protected void startAuthorization(AbstractSecurityContext context)
                           throws SecurityServiceException

Try to login by using remote credentials (see Flex method RemoteObject.setRemoteCredentials()). This method must be called at the beginning of SecurityService.authorize(AbstractSecurityContext).

Parameters:: context - the current security context.
Throws:: SecurityServiceException - if login fails.

endAuthorization

protected Object endAuthorization(AbstractSecurityContext context)
                           throws Exception

Invoke a service method (EJB3, Spring, Seam, etc...) after a successful authorization. This method must be called at the end of SecurityService.authorize(AbstractSecurityContext).

Parameters:: context - the current security context.
Throws:: Exception - if anything goes wrong with service invocation.

decodeBase64Credentials

protected String[] decodeBase64Credentials(Object credentials)

Decode credentails encoded in base 64 (in the form of "username:password"), as they have been sent by a RemoteObject.

Parameters:: credentials - base 64 encoded credentials.
Returns:: an array containing two decoded Strings, username and password.
Throws:: IllegalArgumentException - if credentials isn't a String.; SecurityServiceException - if credentials are invalid (bad encoding or missing ':').

handleSecurityException

public void handleSecurityException(SecurityServiceException e)

Handle a security exception. This method is called in AMF3MessageProcessor.processCommandMessage(flex.messaging.messages.CommandMessage) whenever a SecurityService occurs and does nothing by default.

Specified by:: handleSecurityException in interface SecurityService

Parameters:: e - the security exception.

endLogin

protected void endLogin(Object credentials)

Try to save current credentials in distributed data, typically a user session attribute. This method must be called at the end of a successful SecurityService.login(Object) operation and is useful in clustered environments with session replication in order to transparently re-authenticate the user when failing over.

Parameters:: credentials - the credentials to be saved in distributed data.

tryRelogin

protected boolean tryRelogin()

Try to re-authenticate the current user with credentials previously saved in distributed data. This method must be called in the SecurityService.authorize(AbstractSecurityContext) method when the current user principal is null.

Returns:: true if relogin was successful, false otherwise.
See Also:: endLogin(Object)

endLogout

protected void endLogout()

Try to remove credentials previously saved in distributed data. This method must be called in the SecurityService.logout() method.

See Also:: endLogin(Object)