ch.security4web.esapi.authentication
Class EsapiAuthorization

java.lang.Object
  extended by UIOutput
      extended by ch.security4web.esapi.authentication.EsapiAuthorization

The EsapiAuthorization class stores user information in the user.txt file, including the
 user's role, the user's last login time, etc. Based on that information, users are given the rights to
 access the presentation layer of the JSF application, i.e. its .XHTML or JSP files.
 
 

For example:
<esapi:authorization role="admin">
Admin Content.
</esapi:authorization>

As shown in the above code, the role attribute "admin" means that the content inside the tag is accessible to the admin user only. Users with other roles cannot access that content. Moreover, a user with the "admin" role has full access to the content of the entire page, whereas a normal user cannot see the admin content because they do not have the admin user's rights.

For example:
<esapi:authorization role="user">
User Content.
</esapi:authorization>

A user with the "user" role can see only the data inside this tag; other important data belonging to other roles is not displayed to them.


Constructor Summary
EsapiAuthorization()
          
Method Summary
protected static void disableRec(UIComponent c, java.util.List<java.lang.String> blackList)
          
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

EsapiAuthorization

public EsapiAuthorization()
Constructor.

Since:
1.0
Method Detail

saveState

public java.lang.Object saveState(FacesContext context)
Saves the state of the role associated with the authorization tag in the facelet context.

Parameters:
context - facelet Context
Returns:
Array object with the context in the first position and the role in the second position.
Since:
1.0

restoreState

public void restoreState(FacesContext context,
                         java.lang.Object state)
Restores the value of the role in the existing facelet context.

Parameters:
context - facelet context
state - state of role to be restored in existing context.
Since:
1.0

getFamily

public java.lang.String getFamily()
Returns the family of this tag.

Returns:
tag belongs to esapi.authorization family.
Since:
1.0

getRole

public java.lang.String getRole()
Get role associated with authorization tag.

Returns:
Role name
Since:
1.0

setRole

public void setRole(java.lang.String role)
Sets the role associated with the authorization tag, e.g. "admin", "user", etc.

Parameters:
role - role name

encodeBegin

public void encodeBegin(FacesContext context)
                 throws java.io.IOException
This method renders the component and the subcomponents inside the authorization tag based on the user's authorization. A user with role="admin" can see all page content. A user with role="user" can see only the public content on the page and the "user" content, but not the "admin" content.

Parameters:
context - facelet context
Throws:
java.io.IOException - thrown when the user is not found in the user.txt file.
Since:
1.0
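
The rendering decision described for encodeBegin, modelled in plain Java as an added example; it is not the EsapiAuthorization source. The class name RoleGateExample, the mayRender helper, the in-memory user table standing in for user.txt, and the "auditor" role are assumptions made for illustration.

```java
import java.io.IOException;
import java.util.List;
import java.util.Map;

/** Added illustration (Java 11+); models the decision only, not the JSF component. */
public class RoleGateExample {

    // Which tag roles each user role may see. Per the page, "admin" also sees "user" content.
    private static final Map<String, List<String>> GRANTS = Map.of(
            "admin", List.of("admin", "user"),
            "user", List.of("user"));

    // Constructed stand-in for the user.txt lookup (login -> role).
    // The real file format is not shown on the page.
    private static final Map<String, String> USERS = Map.of(
            "alice", "admin",
            "bob", "user",
            "carol", "auditor"); // hypothetical role with no grants

    /** Returns true only when the tag's role is explicitly granted to the user's role. */
    static boolean mayRender(String tagRole, String login) throws IOException {
        String userRole = (login == null) ? null : USERS.get(login);
        if (userRole == null) {
            // Mirrors the documented behaviour: an unknown user raises IOException.
            throw new IOException("user not found: " + login);
        }
        if (tagRole == null || tagRole.isBlank()) {
            return false; // a tag without a role stays hidden rather than shown by default
        }
        // Unknown user roles get an empty grant list, so the check fails closed.
        // The match is exact, so role="Admin" does not match "admin".
        return GRANTS.getOrDefault(userRole, List.of()).contains(tagRole.trim());
    }

    public static void main(String[] args) {
        String[][] cases = {
            {"admin", "alice"}, {"user", "alice"}, {"admin", "bob"},
            {"user", "bob"}, {"user", "carol"}, {"", "alice"}, {"user", "mallory"}};
        for (String[] c : cases) {
            try {
                System.out.printf("tag role=%-6s login=%-8s render=%b%n",
                        "\"" + c[0] + "\"", c[1], mayRender(c[0], c[1]));
            } catch (IOException e) {
                System.out.printf("tag role=\"%s\" login=%s -> %s%n", c[0], c[1], e.getMessage());
            }
        }
    }
}
```

The tag only governs what is rendered, so the same decision should be repeated in the server-side code that handles any action behind the hidden content.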

disableRec

protected static void disableRec(UIComponent c,
                                 java.util.List<java.lang.String> blackList)