org.miloss.fgsms.common

Class UserIdentityUtil

java.lang.Object

org.miloss.fgsms.common.UserIdentityUtil

public class UserIdentityUtil
extends Object

Performs all access control functions of fgsms based on ACLs and Roles. Function of this class is critical has is it the sole location for access control processing

Author:

AO

Field Summary

Fields

Modifier and Type	Field and Description
static String	logname

Constructor Summary

Constructors

Constructor and Description
UserIdentityUtil()

Method Summary

Methods

Modifier and Type	Method and Description
static void	assertAdministerAccess(String uri, String currentUser, String fromFunction, SecurityWrapper classification, WebServiceContext session) throws a security exception of the user does not have the role administer for a specific uri or global administrator, checks the servlet context first, then the database
static void	assertAdminOrAgentRole(String currentUser, String fromFunction, SecurityWrapper currentLevel, WebServiceContext mc) throws an exception if the user is a global admin or an agent , checks the servlet context first, then the database
static void	assertAgentRole(String currentUser, String fromFunction, SecurityWrapper currentLevel, WebServiceContext session) Assert Agent Role, throws a security exception if the user does not have the agent role, checks the servlet context first, then the database
static void	assertAuditAccess(String uri, String currentUser, String fromFunction, SecurityWrapper classification, WebServiceContext session) assertAuditAccess throws a security exception if the user does not contain the role audit for a specific URI or the global audit role , checks the servlet context first, then the database
static void	assertAuditRole(String currentUser, String fromFunction, SecurityWrapper classification, WebServiceContext session)
static void	assertGlobalAdministratorRole(String currentUser, String fromFunction, SecurityWrapper classification, WebServiceContext session) Assert global admin role, throws an exception if the role is not present, checks the servlet context first, then the database
static void	assertGlobalAuditRole(String currentUser, String fromFunction, SecurityWrapper classification, WebServiceContext session) Assert global admin role, throws an exception if the role is not present, checks the servlet context first, then the database
static void	assertReadAccess(String uri, String currentUser, String fromFunction, SecurityWrapper classification, WebServiceContext session) assertReadAccess , checks the servlet context first, then the database
static void	assertWriteAccess(String uri, String currentUser, String fromFunction, SecurityWrapper classification, WebServiceContext session) assertWriteAccess throws an exception if the role is not present , checks the servlet context first, then the database
static String	getFirstIdentityToString(WebServiceContext webctx) Current only works for HTTP auth methods, unknown if SOAP credentials will be available here
static boolean	hasGlobalAdministratorRole(String currentUser, String fromFunction, SecurityWrapper classification, WebServiceContext session) return true if the user has the global admin role, , checks the servlet context first, then the database
static boolean	hasGlobalAuditRole(String currentUser, String fromFunction, SecurityWrapper classification, WebServiceContext session) return true if the user has the global admin role, , checks the servlet context first, then the database
static boolean	hasReadAccess(String currentUser, String fromFunction, String uri, SecurityWrapper classification, WebServiceContext session) return true if the user has the global admin role, , checks the servlet context first, then the database
static boolean	isTrustedAgent(String currentUser, String fromFunction, SecurityWrapper classification, WebServiceContext session) return true if the current user is an agent, checks the servlet context first, then the database

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

logname

public static final String logname

See Also:

Constant Field Values

Constructor Detail

UserIdentityUtil

public UserIdentityUtil()

Method Detail

assertReadAccess

public static void assertReadAccess(String uri,
                    String currentUser,
                    String fromFunction,
                    SecurityWrapper classification,
                    WebServiceContext session)

assertReadAccess , checks the servlet context first, then the database

Parameters:

uri -

currentUser -

fromFunction -

classification -

assertWriteAccess

public static void assertWriteAccess(String uri,
                     String currentUser,
                     String fromFunction,
                     SecurityWrapper classification,
                     WebServiceContext session)

assertWriteAccess throws an exception if the role is not present , checks the servlet context first, then the database

Parameters:

uri -

currentUser -

fromFunction -

classification -

assertAuditAccess

public static void assertAuditAccess(String uri,
                     String currentUser,
                     String fromFunction,
                     SecurityWrapper classification,
                     WebServiceContext session)

assertAuditAccess throws a security exception if the user does not contain the role audit for a specific URI or the global audit role , checks the servlet context first, then the database

Parameters:

uri -

currentUser -

fromFunction -

classification -

assertAdministerAccess

public static void assertAdministerAccess(String uri,
                          String currentUser,
                          String fromFunction,
                          SecurityWrapper classification,
                          WebServiceContext session)

throws a security exception of the user does not have the role administer for a specific uri or global administrator, checks the servlet context first, then the database

Parameters:

uri -

currentUser -

fromFunction -

classification -

assertGlobalAdministratorRole

public static void assertGlobalAdministratorRole(String currentUser,
                                 String fromFunction,
                                 SecurityWrapper classification,
                                 WebServiceContext session)

Assert global admin role, throws an exception if the role is not present, checks the servlet context first, then the database

Parameters:

currentUser -

fromFunction -

classification -

session -

hasGlobalAdministratorRole

public static boolean hasGlobalAdministratorRole(String currentUser,
                                 String fromFunction,
                                 SecurityWrapper classification,
                                 WebServiceContext session)

return true if the user has the global admin role, , checks the servlet context first, then the database

Parameters:

currentUser -

fromFunction -

classification -

session -

Returns:

getFirstIdentityToString

public static String getFirstIdentityToString(WebServiceContext webctx)

Current only works for HTTP auth methods, unknown if SOAP credentials will be available here

Parameters:

webctx -

Returns:

assertAgentRole

public static void assertAgentRole(String currentUser,
                   String fromFunction,
                   SecurityWrapper currentLevel,
                   WebServiceContext session)

Assert Agent Role, throws a security exception if the user does not have the agent role, checks the servlet context first, then the database

Parameters:

currentUser -

fromFunction -

currentLevel -

mc -

isTrustedAgent

public static boolean isTrustedAgent(String currentUser,
                     String fromFunction,
                     SecurityWrapper classification,
                     WebServiceContext session)

return true if the current user is an agent, checks the servlet context first, then the database

Parameters:

currentUser -

fromFunction -

classification -

session -

Returns:

assertAdminOrAgentRole

public static void assertAdminOrAgentRole(String currentUser,
                          String fromFunction,
                          SecurityWrapper currentLevel,
                          WebServiceContext mc)

throws an exception if the user is a global admin or an agent , checks the servlet context first, then the database

Parameters:

currentUser -

fromFunction -

currentLevel -

mc -

assertAuditRole

public static void assertAuditRole(String currentUser,
                   String fromFunction,
                   SecurityWrapper classification,
                   WebServiceContext session)

hasGlobalAuditRole

public static boolean hasGlobalAuditRole(String currentUser,
                         String fromFunction,
                         SecurityWrapper classification,
                         WebServiceContext session)

return true if the user has the global admin role, , checks the servlet context first, then the database

Parameters:

currentUser -

fromFunction -

classification -

mc -

Returns:

assertGlobalAuditRole

public static void assertGlobalAuditRole(String currentUser,
                         String fromFunction,
                         SecurityWrapper classification,
                         WebServiceContext session)

Assert global admin role, throws an exception if the role is not present, checks the servlet context first, then the database

Parameters:

currentUser -

fromFunction -

classification -

mc -

hasReadAccess

public static boolean hasReadAccess(String currentUser,
                    String fromFunction,
                    String uri,
                    SecurityWrapper classification,
                    WebServiceContext session)

return true if the user has the global admin role, , checks the servlet context first, then the database

Parameters:

currentUser -

fromFunction -

url -

classification -

session -

Returns: