org.objectweb.jac.aspects.authentication
Class AuthenticationWrapper

java.lang.Object
  |
  +--org.objectweb.jac.core.Wrapper
        |
        +--org.objectweb.jac.aspects.authentication.AuthenticationWrapper
All Implemented Interfaces:
Advice, ConstructorInterceptor, Interceptor, MethodInterceptor, Serializable

public class AuthenticationWrapper
extends Wrapper

This wrapper uses an authenticator and a controller to ensure that the current interaction is authenticated and allowed.

See Also:
AuthenticationAC, Authenticator, Serialized Form

Field Summary
 
Fields inherited from class org.objectweb.jac.core.Wrapper
ac, cr
 
Constructor Summary
AuthenticationWrapper(AspectComponent ac, Authenticator authenticator, MethodItem controller)
          Constructs a new authentication wrapper.
 
Method Summary
 Object authenticateAndControl(Interaction interaction)
          This wrapping method authenticates a call on the wrapped method and controls that the authentcated user owns the rights to call it.
 void catchAccessDenied(AccessDeniedException e)
          This exception handler reacts when the access is denied.
 Object construct(ConstructorInvocation invocation)
           
static boolean dummyController(String username, Object wrappee, MethodItem method)
          Always return true.
 Object invoke(MethodInvocation invocation)
           
 boolean isTrustedUser(String username)
          Returns true if the user is in the trusted users list.
 void setAccessDeniedMessage(String message)
          Sets the message to show when the access is denied.
 void setAuthenticator(Authenticator authenticator)
           
 void setController(MethodItem controller)
          Sets the access rights controller.
 
Methods inherited from class org.objectweb.jac.core.Wrapper
attr, attrdef, defines, getAspectComponent, getAspectComponentName, getExceptionHandlers, proceed, toString
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Constructor Detail

AuthenticationWrapper

public AuthenticationWrapper(AspectComponent ac,
                             Authenticator authenticator,
                             MethodItem controller)
Constructs a new authentication wrapper.

Parameters:
ac - the aspect component that owns this wrapper
authenticator - the object that authenticates
controller - the method that grants the rights or not
Method Detail

invoke

public Object invoke(MethodInvocation invocation)
              throws Throwable
Specified by:
invoke in interface MethodInterceptor
Overrides:
invoke in class Wrapper
Throwable

construct

public Object construct(ConstructorInvocation invocation)
                 throws Throwable
Specified by:
construct in interface ConstructorInterceptor
Overrides:
construct in class Wrapper
Throwable

setController

public void setController(MethodItem controller)
Sets the access rights controller.

Parameters:
controller - a static method of the prototype boolean controller(String username,Object wrappee,MethodItem method)
See Also:
UserAC.userController(String,Object,MethodItem), dummyController(String,Object,MethodItem)

setAuthenticator

public void setAuthenticator(Authenticator authenticator)

authenticateAndControl

public Object authenticateAndControl(Interaction interaction)
                              throws AuthenticationFailedException,
                                     AccessDeniedException,
                                     Throwable
This wrapping method authenticates a call on the wrapped method and controls that the authentcated user owns the rights to call it.

Returns:
the value returned by the wrapped method
AuthenticationFailedException
AccessDeniedException
Throwable

isTrustedUser

public boolean isTrustedUser(String username)
Returns true if the user is in the trusted users list.

Parameters:
username - the name of the user to check
Returns:
true if trusted

setAccessDeniedMessage

public void setAccessDeniedMessage(String message)
Sets the message to show when the access is denied.

Parameters:
message - the message

catchAccessDenied

public void catchAccessDenied(AccessDeniedException e)
This exception handler reacts when the access is denied.

Parameters:
e - the acces denied exception

dummyController

public static boolean dummyController(String username,
                                      Object wrappee,
                                      MethodItem method)
Always return true. Use to force authentication.

Parameters:
username - the user's name
wrappee - the authenticated method
method - the authenticated method