Package ome.security.basic

Class BasicMethodSecurity

  • All Implemented Interfaces:
    MethodSecurity
    public class BasicMethodSecurity
extends java.lang.Object
implements MethodSecurity
    Implementation of MethodSecurity which checks method security based on the RolesAllowed annotations of our implementation methods. To do this, it is necessary to "unwrap" proxies via the Advised interface.
    Since:
    3.0-Beta2
    See Also:
    SecuritySystem

    • Constructor Detail

      • BasicMethodSecurity

        public BasicMethodSecurity()

      • BasicMethodSecurity

        public BasicMethodSecurity​(boolean active)

    • Method Detail

      • setSessionManager

        public void setSessionManager​(SessionManager sessionManager)

      • checkMethod

        public void checkMethod​(java.lang.Object o,
                        java.lang.reflect.Method m,
                        ome.system.Principal p,
                        boolean hasPassword)
        Description copied from interface: MethodSecurity
        Throws a SecurityViolation exception if the given Principal does not have the proper permissions to execute the given method. If MethodSecurity.isActive() returns false, this method may also throw any RuntimeException to specify that it is not in an active state.
        Specified by:
        checkMethod in interface MethodSecurity
        Parameters:
        o - Object on which this method will be called.
        m - Method to be called.
        p - Principal for which permissions will be checked.
        hasPassword - flag if the user's session has been authenticated directly and not via a one-time session id or similar.
        See Also:
        MethodSecurity.checkMethod(Object, Method, Principal, boolean)