Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.jboss.seam.faces.view.config
Class SecurityPhaseListener

java.lang.Object
  extended by org.jboss.seam.faces.view.config.SecurityPhaseListener

@Requires(value="org.jboss.seam.security.extension.SecurityExtension")
public class SecurityPhaseListener
extends Object

Use the annotations stored in the ViewConfigStore to restrict view access. Authorization is delegated to Seam Security through by firing a AuthorizationCheckEvent.

Author:
Brian Leathem

Constructor Summary
SecurityPhaseListener()
           
 
Method Summary
 PhaseIdType[] getDefaultPhases(String viewId)
          Get the default phases at which restrictions should be applied, by looking for a @RestrictAtPhase on a matching
 Method getRestrictAtViewMethod(Annotation annotation)
          Utility method to extract the "restrictAtPhase" method from an annotation
 PhaseIdType[] getRestrictedPhaseIds(Method restrictAtViewMethod, Annotation annotation)
          Retrieve the default PhaseIdTypes defined by the restrictAtViewMethod in the annotation
 List<? extends Annotation> getRestrictionsForPhase(PhaseIdType currentPhase, String viewId)
          Retrieve all annotations from the ViewConfigStore for a given a JSF phase, and a view id, and where the annotation is qualified by @SecurityBindingType
 boolean isAnnotationApplicableToPhase(Annotation annotation, PhaseIdType currentPhase, PhaseIdType[] defaultPhases)
          Inspect an annotation to see if it specifies a view in which it should be.
 void observeInvokeApplication(PhaseEvent event)
          Enforce any security annotations applicable to the InvokeApplication phase
 void observePreNavigateEvent(PreNavigateEvent event)
          Monitor PreNavigationEvents, looking for a successful navigation from the Seam Security login button.
 void observeRenderResponse(PhaseEvent event)
          Enforce any security annotations applicable to the RenderResponse phase
 void observeRestoreView(PhaseEvent event)
          Enforce any security annotations applicable to the RestoreView phase
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SecurityPhaseListener

public SecurityPhaseListener()
Method Detail

observeRenderResponse

public void observeRenderResponse(@Observes
                                  PhaseEvent event)
Enforce any security annotations applicable to the RenderResponse phase

Parameters:
event -

observeInvokeApplication

public void observeInvokeApplication(@Observes
                                     PhaseEvent event)
Enforce any security annotations applicable to the InvokeApplication phase

Parameters:
event -

observeRestoreView

public void observeRestoreView(@Observes
                               PhaseEvent event)
Enforce any security annotations applicable to the RestoreView phase

Parameters:
event -

getRestrictionsForPhase

public List<? extends Annotation> getRestrictionsForPhase(PhaseIdType currentPhase,
                                                          String viewId)
Retrieve all annotations from the ViewConfigStore for a given a JSF phase, and a view id, and where the annotation is qualified by @SecurityBindingType

Parameters:
currentPhase -
viewId -
Returns:
list of restrictions applicable to this viewId and PhaseTypeId

isAnnotationApplicableToPhase

public boolean isAnnotationApplicableToPhase(Annotation annotation,
                                             PhaseIdType currentPhase,
                                             PhaseIdType[] defaultPhases)
Inspect an annotation to see if it specifies a view in which it should be. Fall back on default view otherwise.

Parameters:
annotation -
currentPhase -
defaultPhases -
Returns:
true if the annotation is applicable to this view and phase, false otherwise

getDefaultPhases

public PhaseIdType[] getDefaultPhases(String viewId)
Get the default phases at which restrictions should be applied, by looking for a @RestrictAtPhase on a matching

Parameters:
viewId -
Returns:
default phases for a view

getRestrictAtViewMethod

public Method getRestrictAtViewMethod(Annotation annotation)
Utility method to extract the "restrictAtPhase" method from an annotation

Parameters:
annotation -
Returns:
restrictAtViewMethod if found, null otherwise

getRestrictedPhaseIds

public PhaseIdType[] getRestrictedPhaseIds(Method restrictAtViewMethod,
                                           Annotation annotation)
Retrieve the default PhaseIdTypes defined by the restrictAtViewMethod in the annotation

Parameters:
restrictAtViewMethod -
annotation -
Returns:
PhaseIdTypes from the restrictAtViewMethod, null if empty

observePreNavigateEvent

public void observePreNavigateEvent(@Observes
                                    PreNavigateEvent event)
Monitor PreNavigationEvents, looking for a successful navigation from the Seam Security login button. When such a navigation is encountered, redirect to the the viewId captured before the login redirect was triggered.

Parameters:
event -
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2009-2011 Seam Framework. All Rights Reserved.