org.apache.jetspeed.security.impl
Class AbstractSecurityValve

java.lang.Object
  extended byorg.apache.jetspeed.pipeline.valve.AbstractValve
      extended byorg.apache.jetspeed.security.impl.AbstractSecurityValve
All Implemented Interfaces:
SecurityValve, Valve
Direct Known Subclasses:
SecurityValveImpl

public abstract class AbstractSecurityValve
extends AbstractValve
implements SecurityValve

AbstractSecurityValve

Version:
$Id: AbstractSecurityValve.java 188330 2005-02-10 21:09:18Z taylor $
Author:
Scott T. Weaver

Constructor Summary
AbstractSecurityValve()
           
 
Method Summary
protected abstract  Subject getSubject(org.apache.jetspeed.request.RequestContext request)
           getSubject
protected  Subject getSubjectFromSession(org.apache.jetspeed.request.RequestContext request)
           getSubjectFromSession
protected abstract  Principal getUserPrincipal(org.apache.jetspeed.request.RequestContext request)
           getUserPrincipal
 void invoke(org.apache.jetspeed.request.RequestContext request, ValveContext context)
           invoke
 
Methods inherited from class org.apache.jetspeed.pipeline.valve.AbstractValve
initialize
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface org.apache.jetspeed.pipeline.valve.Valve
initialize
 

Constructor Detail

AbstractSecurityValve

public AbstractSecurityValve()
Method Detail

getSubject

protected abstract Subject getSubject(org.apache.jetspeed.request.RequestContext request)
                               throws Exception

getSubject

Should build and return a javax.security.Subject

Parameters:
request -
Returns:
Subject
Throws:
Exception

getUserPrincipal

protected abstract Principal getUserPrincipal(org.apache.jetspeed.request.RequestContext request)
                                       throws Exception

getUserPrincipal

Should build and return a java.security.Principal that represents the user name the Subject returned from getSubject()

Parameters:
request -
Returns:
Principal
Throws:
Exception

getSubjectFromSession

protected final Subject getSubjectFromSession(org.apache.jetspeed.request.RequestContext request)
                                       throws Exception

getSubjectFromSession

Parameters:
request -
Returns:
javax.security.Subject or null if there is no servlet session attribute defined for the key org.apache.jetspeed.PortalReservedParameters.SESSION_KEY_SUBJECT.
Throws:
Exception

invoke

public void invoke(org.apache.jetspeed.request.RequestContext request,
                   ValveContext context)
            throws PipelineException

invoke

Uses getSubject() to call ValveContext.invokeNext() via Subject.doAsPrivileged(). This method also takes care of setting the value of the RequestContext.subject property and the session attribute org.apache.jetspeed.PortalReservedParameters.SESSION_KEY_SUBJECT

Specified by:
invoke in interface Valve
Specified by:
invoke in class AbstractValve
Parameters:
request -
context -
Throws:
PipelineException - if the is an error encountered during any security operations.
See Also:
Valve.invoke(org.apache.jetspeed.request.RequestContext, org.apache.jetspeed.pipeline.valve.ValveContext)


Copyright © 1999-2005 Apache Software Foundation. All Rights Reserved.