public class BasicMethodSecurity extends java.lang.Object implements MethodSecurity
MethodSecurity
which checks method security based
on the RolesAllowed
annotations of our implementation methods. To do
this, it is necessary to "unwrap" proxies via the Advised
interface.SecuritySystem
Constructor and Description |
---|
BasicMethodSecurity() |
BasicMethodSecurity(boolean active) |
Modifier and Type | Method and Description |
---|---|
void |
checkMethod(java.lang.Object o,
java.lang.reflect.Method m,
ome.system.Principal p,
boolean hasPassword)
Throws a
SecurityViolation exception if the given
Principal does not have the proper permissions to execute the
given method. |
boolean |
isActive()
|
void |
setSessionManager(SessionManager sessionManager) |
public BasicMethodSecurity()
public BasicMethodSecurity(boolean active)
public void setSessionManager(SessionManager sessionManager)
public boolean isActive()
isActive
in interface MethodSecurity
public void checkMethod(java.lang.Object o, java.lang.reflect.Method m, ome.system.Principal p, boolean hasPassword)
MethodSecurity
SecurityViolation
exception if the given
Principal
does not have the proper permissions to execute the
given method. If MethodSecurity.isActive()
returns false, this method may also
throw any RuntimeException
to specify that it is not in an active
state.checkMethod
in interface MethodSecurity
o
- Object
on which this method will be called.m
- Method
to be called.p
- Principal
for which permissions will be checked.hasPassword
- flag if the user's session has been authenticated directly
and not via a one-time session id or similar.MethodSecurity.checkMethod(Object, Method, Principal, boolean)