javax.servlet.GenericServlet
javax.servlet.http.HttpServlet
org.pajes.servlet.PajeServlet
org.pajes.servlet.DataAccessPajeServlet
org.pajes.servlet.AuthenticatedPajeServlet
|
PAJES 2.3.9 | |||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
java.lang.Object
Base class for all servlets that utilise the PAJES servlet framework that require authentication services.
If authentication services are being provided by the servlet container, NO access control checking is performed.
As with "standard" servlets, sub-classes should implement the appropriate
"do" method, such as doGet or doPost. The
service method should never be over-ridden.
AccessPermission,
Serialized Form| Constructor Summary | |
AuthenticatedPajeServlet()
|
|
| Method Summary | |
protected void |
doForbidden(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Called when permission checking fails. |
protected AccessPermission |
getAccessPermission()
Returns the AccessPermission instance that controls access to this web application. |
protected boolean |
isPermitted(java.security.Principal principal,
AccessPermission ap,
javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Called by the service(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) method to provide access checking before
allowing the request to be serviced. |
protected void |
service(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Over-rides the PajeServletservice method to provide
authentication checking. |
| Methods inherited from class org.pajes.servlet.DataAccessPajeServlet |
getDBConnection, getDBConnection, getDBConnectionPoolManager |
| Methods inherited from class org.pajes.servlet.PajeServlet |
createPaje, createPaje, createPaje, doGet, doPost, getAbsoluteHREF, getBaseHREF, getMaxFileUploadSize, getPajeFactory, getResource, getUploadedFile, getUploadedFileNames, handleException, init, log, log, setInputFieldsFromRequestAttributes, setInputFieldsFromRequestParameters, setMaxFileUploadSize, setPajeFactory |
| Methods inherited from class javax.servlet.http.HttpServlet |
doDelete, doHead, doOptions, doPut, doTrace, getLastModified, service |
| Methods inherited from class javax.servlet.GenericServlet |
destroy, getInitParameter, getInitParameterNames, getServletConfig, getServletContext, getServletInfo, getServletName, init |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Constructor Detail |
public AuthenticatedPajeServlet()
| Method Detail |
protected final AccessPermission getAccessPermission()
throws AccessPermissionException
If no AccessPermission instance was found on PAJES initialisation, or if authentication
services are being provided by the servlet container, this method will
return null.
AccessPermissionException - if an error occurs during
initialization.
protected boolean isPermitted(java.security.Principal principal,
AccessPermission ap,
javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
throws java.io.IOException,
javax.servlet.ServletException
service(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) method to provide access checking before
allowing the request to be serviced.
This method will only be called if the user has been succesfully
authenticated (i.e. the Principal has been established).
If this method returns true, control will be passed to the
super.service method. If it returns false, the doForbidden(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) method will be called.
The default implementation calls AccessPermission.isPermitted(org.pajes.servlet.AuthenticatedPajeServlet, java.security.Principal, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse).
principal - the authenticated principal object.ap - the AccessPermission instance.request - the object that contains the request the client made of
the servlet.response - the object that contains the response the servlet will
return to the client.
java.io.IOException - if an IO exception occurs whilst servicing the
request.
javax.servlet.ServletException - if an exception occurs servicing the request.
protected void doForbidden(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
throws java.io.IOException,
javax.servlet.ServletException
HttpServletResponse.SC_FORBIDDEN error back to the
browser.
request - the object that contains the request the client made of
the servlet.response - the object that contains the response the servlet
returns to the client.
java.io.IOException - if an IO exception occurs whilst servicing the
request.
javax.servlet.ServletException - if an exception occurs servicing the request.isPermitted(java.security.Principal, org.pajes.security.AccessPermission, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
protected final void service(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
throws java.io.IOException,
javax.servlet.ServletException
PajeServletservice method to provide
authentication checking.
If the user has NOT been authenticated, they will be dispatched to the
login page.
service in class DataAccessPajeServletrequest - the object that contains the request the client made of
the servlet.response - the object that contains the response the servlet
returns to the client.
java.io.IOException - if an IO exception occurs whilst servicing the
request.
javax.servlet.ServletException - if an exception occurs servicing the request.
|
PAJES 2.3.9 | |||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||