Package org.apache.tapestry5.internal.services

Class RequestSecurityManagerImpl

java.lang.Object

org.apache.tapestry5.internal.services.RequestSecurityManagerImpl

All Implemented Interfaces:

RequestSecurityManager

public class RequestSecurityManagerImpl
extends java.lang.Object
implements RequestSecurityManager

Constructor Summary

Constructors

Constructor	Description
RequestSecurityManagerImpl(Request request, Response response, ComponentEventLinkEncoder componentEventLinkEncoder, MetaDataLocator locator, boolean securityEnabled)

Method Summary

Modifier and Type	Method	Description
boolean	checkForInsecureComponentEventRequest(ComponentEventRequestParameters parameters)	Checks the target page of the component event request to see if it is secure; if so, and the request is not secure, then a redirect to the page is generated and sent, preserving the original component event request.
boolean	checkForInsecurePageRenderRequest(PageRenderRequestParameters parameters)	Checks the page to see if it is secure; if so, and the request is not secure, then a redirect to the page is generated and sent.
LinkSecurity	checkPageSecurity(java.lang.String pageName)	Determines if the page security does not match the request's security.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

RequestSecurityManagerImpl

public RequestSecurityManagerImpl(Request request,
                                  Response response,
                                  ComponentEventLinkEncoder componentEventLinkEncoder,
                                  MetaDataLocator locator,
                                  @Symbol("tapestry.secure-enabled")
                                  boolean securityEnabled)

Method Detail

checkForInsecureComponentEventRequest

public boolean checkForInsecureComponentEventRequest(ComponentEventRequestParameters parameters)
                                              throws java.io.IOException

Description copied from interface: RequestSecurityManager

Checks the target page of the component event request to see if it is secure; if so, and the request is not secure, then a redirect to the page is generated and sent, preserving the original component event request.

Specified by:

checkForInsecureComponentEventRequest in interface RequestSecurityManager

Parameters:

parameters - parameters for the current request

Returns:

true if a redirect was sent, false if normal processing should continue

Throws:

java.io.IOException

checkForInsecurePageRenderRequest

public boolean checkForInsecurePageRenderRequest(PageRenderRequestParameters parameters)
                                          throws java.io.IOException

Description copied from interface: RequestSecurityManager

Checks the page to see if it is secure; if so, and the request is not secure, then a redirect to the page is generated and sent.

Specified by:

checkForInsecurePageRenderRequest in interface RequestSecurityManager

Parameters:

parameters - parameters for the current request

Returns:

true if a redirect was sent, false if normal processing should continue

Throws:

java.io.IOException

checkPageSecurity

public LinkSecurity checkPageSecurity(java.lang.String pageName)

Description copied from interface: RequestSecurityManager

Determines if the page security does not match the request's security. Returns LinkSecurity.SECURE or LinkSecurity.INSECURE if the request security matches the pages. Otherwise, returns LinkSecurity.FORCE_SECURE or LinkSecurity.FORCE_INSECURE (which will force fully qualified URLs to be generated when rendering).

Specified by:

checkPageSecurity in interface RequestSecurityManager

Parameters:

pageName - for the security check

Returns:

security for this request, as applied to indicated page