: Class NonAnonSecurityManager

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: INNER | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.xmlserv.app
Class NonAnonSecurityManager

java.lang.Object
  |
  +--com.xmlserv.security.SecurityManager
        |
        +--com.xmlserv.security.RoleSecurityManager
              |
              +--com.xmlserv.app.AppSecurityManager
                    |
                    +--com.xmlserv.app.NonAnonSecurityManager

public class NonAnonSecurityManager
extends AppSecurityManager

A SecurityManager that denies Anonymous access, forcing authentication.

Inner classes inherited from class com.xmlserv.security.SecurityManager

SecurityManager.AccessRight, SecurityManager.Authorization, SecurityManager.Resource, SecurityManager.Role, SecurityManager.User

Fields inherited from class com.xmlserv.security.SecurityManager

DELETE, INSERT, SELECT, UPDATE

Constructor Summary

NonAnonSecurityManager()

Method Summary

java.lang.String doLogin(javax.servlet.ServletContext context, javax.servlet.http.HttpServletRequest req)
Handle login.

Methods inherited from class com.xmlserv.app.AppSecurityManager

checkAuth, checkoutConn, checkUser, destroy, getEmail, getId, getRoleGroup, getRoleGroupId, getUserById, getUserID, getUserStatus, init, returnConn

Methods inherited from class com.xmlserv.security.RoleSecurityManager

authenticate, authorize, errorPage, getUser, getUserObj, getUserRoleGroup, getUserRoleGroupId, loginPage, loginPage, logout, signout, validate, validate

Methods inherited from class com.xmlserv.security.SecurityManager

addACL, getResource, hasAuth, isAnon, toUserStatus

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

NonAnonSecurityManager

public NonAnonSecurityManager()

Method Detail

doLogin

public java.lang.String doLogin(javax.servlet.ServletContext context,
                                javax.servlet.http.HttpServletRequest req)

Handle login. The following HTTP Parameters are recognized:

ForceAuth: Force Authentication. Any already existing User object is removed from the session before normal processing starts. Optional
NonAnon: In case the user was authenticated anonymously, this acts just like ForceAuth. In case of a 'normal' account, this option does nothing. Optional
sm_username: The username for authentication purposes. Optional
sm_password: Password. Optional

Overrides:: doLogin in class RoleSecurityManager

Parameters:: context - The servlet context.; req - The client request.
Returns:: null in case everything is OK, an HTML login page otherwise.