org.springframework.security.taglibs.authz

Class AccessControlListTag

java.lang.Object

javax.servlet.jsp.tagext.TagSupport

org.springframework.security.taglibs.authz.AccessControlListTag

All Implemented Interfaces:

java.io.Serializable, javax.servlet.jsp.tagext.IterationTag, javax.servlet.jsp.tagext.JspTag, javax.servlet.jsp.tagext.Tag

public class AccessControlListTag
extends javax.servlet.jsp.tagext.TagSupport

An implementation of Tag that allows its body through if some authorizations are granted to the request's principal.

One or more comma separate numeric are specified via the hasPermission attribute. These permissions are then converted into Permission instances. These instances are then presented as an array to the Acl.isGranted(Permission[], org.springframework.security.acls.sid.Sid[], boolean) method. The Sid presented is determined by the SidRetrievalStrategy.

For this class to operate it must be able to access the application context via the WebApplicationContextUtils and locate an AclService and SidRetrievalStrategy. Application contexts must provide one and only one of these Java types.

Version:

$Id$

Author:

Ben Alex

See Also:

Serialized Form

Field Summary

Fields

Modifier and Type	Field and Description
protected static org.apache.commons.logging.Log	logger

Fields inherited from class javax.servlet.jsp.tagext.TagSupport

id, pageContext

Fields inherited from interface javax.servlet.jsp.tagext.IterationTag

EVAL_BODY_AGAIN

Fields inherited from interface javax.servlet.jsp.tagext.Tag

EVAL_BODY_INCLUDE, EVAL_PAGE, SKIP_BODY, SKIP_PAGE

Constructor Summary

Constructors

Constructor and Description
AccessControlListTag()

Method Summary

Methods

Modifier and Type	Method and Description
int	doStartTag()
protected org.springframework.context.ApplicationContext	getContext(javax.servlet.jsp.PageContext pageContext) Allows test cases to override where application context obtained from.
java.lang.Object	getDomainObject()
java.lang.String	getHasPermission()
void	setDomainObject(java.lang.Object domainObject)
void	setHasPermission(java.lang.String hasPermission)

Methods inherited from class javax.servlet.jsp.tagext.TagSupport

doAfterBody, doEndTag, findAncestorWithClass, getId, getParent, getValue, getValues, release, removeValue, setId, setPageContext, setParent, setValue

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

logger

protected static final org.apache.commons.logging.Log logger

Constructor Detail

AccessControlListTag

public AccessControlListTag()

Method Detail

doStartTag

public int doStartTag()
               throws javax.servlet.jsp.JspException

Specified by:

doStartTag in interface javax.servlet.jsp.tagext.Tag

Overrides:

doStartTag in class javax.servlet.jsp.tagext.TagSupport

Throws:

javax.servlet.jsp.JspException

getContext

protected org.springframework.context.ApplicationContext getContext(javax.servlet.jsp.PageContext pageContext)

Allows test cases to override where application context obtained from.

Parameters:

pageContext - so the ServletContext can be accessed as required by Spring's WebApplicationContextUtils

Returns:

the Spring application context (never null)

getDomainObject

public java.lang.Object getDomainObject()

getHasPermission

public java.lang.String getHasPermission()

setDomainObject

public void setDomainObject(java.lang.Object domainObject)

setHasPermission

public void setHasPermission(java.lang.String hasPermission)