public interface IAuthorizationStrategy
Modifier and Type | Interface and Description |
---|---|
static class |
IAuthorizationStrategy.AllowAllAuthorizationStrategy |
Modifier and Type | Field and Description |
---|---|
static IAuthorizationStrategy |
ALLOW_ALL
Implementation of
IAuthorizationStrategy that allows everything. |
Modifier and Type | Method and Description |
---|---|
boolean |
isActionAuthorized(Component component,
Action action)
Gets whether the given action is permitted.
|
<T extends IRequestableComponent> |
isInstantiationAuthorized(Class<T> componentClass)
Checks whether an instance of the given component class may be created.
|
boolean |
isResourceAuthorized(IResource resource,
PageParameters parameters)
Checks whether a request with some parameters is allowed to a resource.
|
static final IAuthorizationStrategy ALLOW_ALL
IAuthorizationStrategy
that allows everything.<T extends IRequestableComponent> boolean isInstantiationAuthorized(Class<T> componentClass)
IUnauthorizedComponentInstantiationListener
that is configured in
the security settings
will be called. The default implementation of
that listener throws a UnauthorizedInstantiationException
.
If you wish to implement a strategy that authenticates users which cannot access a given Page
(or other Component), you can simply throw a
RestartResponseAtInterceptPageException
in your implementation of
this method.
T
- componentClass
- The component class to checkboolean isActionAuthorized(Component component, Action action)
component
- The component to be acted uponaction
- The action to authorize on the componentAuthorizationException
- Can be thrown by implementation if action is unauthorizedComponent.ENABLE
,
Component.RENDER
boolean isResourceAuthorized(IResource resource, PageParameters parameters)
resource
- The resource that should be processedparameters
- The request parameterstrue
if the request to this resource is allowed.Copyright © 2006–2016 Apache Software Foundation. All rights reserved.