PrivateBlogVoter (Pebble)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

net.sourceforge.pebble.security
Class PrivateBlogVoter

java.lang.Object
  net.sourceforge.pebble.security.PrivateBlogVoter

public class PrivateBlogVoter
extends java.lang.Object
extends java.lang.Object

AccessDecisionVoter that votes ACCESS_GRANTED if the user is : - a blog admin user - authorised for the blog (owner, publisher or contributor) - a blog reader Otherwise, access is denied.

Author:: Simon Brown

Constructor Summary
`PrivateBlogVoter()`

Method Summary
`boolean`	`supports(ConfigAttribute attribute)` Indicates whether this `AccessDecisionVoter` is able to vote on the passed `ConfigAttribute`.
`int`	`vote(Authentication authentication, java.lang.Object object, ConfigAttributeDefinition config)` Indicates whether or not access is granted.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

PrivateBlogVoter

public PrivateBlogVoter()

Method Detail

supports

public boolean supports(ConfigAttribute attribute)

Indicates whether this AccessDecisionVoter is able to vote on the passed ConfigAttribute.

This allows the AbstractSecurityInterceptor to check every configuration attribute can be consumed by the configured AccessDecisionManager and/or RunAsManager and/or AfterInvocationManager.

Parameters:: attribute - a configuration attribute that has been configured against the AbstractSecurityInterceptor
Returns:: true if this AccessDecisionVoter can support the passed configuration attribute

vote

public int vote(Authentication authentication,
                java.lang.Object object,
                ConfigAttributeDefinition config)

Indicates whether or not access is granted.

The decision must be affirmative (ACCESS_GRANTED), negative (ACCESS_DENIED) or the AccessDecisionVoter can abstain (ACCESS_ABSTAIN) from voting. Under no circumstances should implementing classes return any other value. If a weighting of results is desired, this should be handled in a custom org.acegisecurity.AccessDecisionManager instead.

Unless an AccessDecisionVoter is specifically intended to vote on an access control decision due to a passed method invocation or configuration attribute parameter, it must return ACCESS_ABSTAIN. This prevents the coordinating AccessDecisionManager from counting votes from those AccessDecisionVoters without a legitimate interest in the access control decision.

Whilst the method invocation is passed as a parameter to maximise flexibility in making access control decisions, implementing classes must never modify the behaviour of the method invocation (such as calling MethodInvocation.proceed()).

Parameters:: authentication - the caller invoking the method; object - the secured object; config - the configuration attributes associated with the method being invoked
Returns:: either #ACCESS_GRANTED, #ACCESS_ABSTAIN or #ACCESS_DENIED