I think you need something link the one I've developed, currently I've no much time to explain the code, I hope u understand it,
package org.jfly.cedi.security;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.TreeSet;
import org.jfly.model.AClientH;
import org.jfly.model.CLocationRoleH;
import org.jfly.model.CRoleH;
import org.jfly.security.JFlyPrincipal;
import org.jfly.utils.CommonUtils;
public class CEDIPrincipal extends JFlyPrincipal {
private Map locationRoles;
private String mainLocation;
// ---------------- constructor -------------------------
public CEDIPrincipal() {
this("","",new TreeSet());
}
public CEDIPrincipal(String name, String fullName, Collection roles) {
super(name, fullName, roles);
locationRoles = new HashMap();
}
// ---------------- getters -------------------------
public Map getLocationRoles() {
return locationRoles;
}
public String getMainLocation() {
return mainLocation;
}
// ---------------- setters -------------------------
public void setLocationRoles(Map locationRoles) {
this.locationRoles=locationRoles;
}
public void setMainLocation(String mainLocation) {
this.mainLocation=mainLocation;
}
// ---------------- methods -------------------------
public Set getRolesOnLocation(String location) {
return (Set)getLocationRoles().get(location);
}
public void addMainLocationRole(AClientH location, Collection roles) {
locationRoles.put(location.getClientKey(),
getRoles(roles));
}
public void addLocationRole(CLocationRoleH locationRole) {
locationRoles.put(locationRole.getLocation().getClientKey(),
getRoles(locationRole.getCRoleSet()));
}
public boolean isUserInRole(String location, String role) {
boolean result = false;
Set locationRoles = getRolesOnLocation(location);
if (!CommonUtils.nullOrEmpty(locationRoles)) {
result = locationRoles.contains(role);
}
return result;
}
public boolean isUserInRole(String location, Collection roles) {
boolean result = false;
Set locationRoles = getRolesOnLocation(location);
if (!CommonUtils.nullOrEmpty(locationRoles)) {
Iterator iRoles = roles.iterator();
while (iRoles.hasNext() && !result) {
String role = (String)iRoles.next();
result = locationRoles.contains(role);
}
}
return result;
}
public Set getLocations() {
return getLocationRoles().keySet();
}
public boolean hasLocation(String location) {
return getLocationRoles().keySet().contains(location);
}
// ---------------- helpers -------------------------
private Set getRoles(Collection roles) {
Set result = new TreeSet();
Iterator iter = roles.iterator();
while (iter.hasNext()) {
String role = ((CRoleH)iter.next()).getRoleId();
result.add(role);
}
return result;
}
}
CEDIPrincipal has to be built on user logon, then put in session
Ciao,
Andrea Chiumenti
On 5/19/06, Ing. Stefano Girotti <[EMAIL PROTECTED]> wrote:
"Brian K. Wallace"
<<mailto:[EMAIL PROTECTED]>[EMAIL PROTECTED]> ha scritto
nel messaggio
<news:[EMAIL PROTECTED]>news:[EMAIL PROTECTED]
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> This is where I stick with ACEGI being unobtrusive. Not discounting any
> other method of doing it at all, but I found that with ACEGI I add a
> hook into "login/logout" pages and there's no other intrusion into my
> Tapestry applications outside the configuration file (aka: no
> "isUserInRole("...")" of any kind.
>
> Again - one size doesn't fit all - especially with security. Take the
> "easiest way for you" as long as it foots the bill and you're usually
> alright.
i'm looking for a Searchable Security:
for example:
for the current user i have to find what special offers can buy....
and again.... the classic Access Control List have read - write - delete or
admin properties.... i'd like to extend it... for example a special offer
is avaible from date to date... or by special code...
i had a look to ACEGI and seems to me that is not what i'm looking for :(
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
