Author: ate Date: Tue Oct 4 03:24:28 2011 New Revision: 1178677 URL: http://svn.apache.org/viewvc?rev=1178677&view=rev Log: JS2-1262: Enforced portlet level security constraints checking at render time through custom jetspeed-portlet.xml metadata See: https://issues.apache.org/jira/browse/JS2-1262
Modified: portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/aggregator/impl/PortletRendererImpl.java Modified: portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/aggregator/impl/PortletRendererImpl.java URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/aggregator/impl/PortletRendererImpl.java?rev=1178677&r1=1178676&r2=1178677&view=diff ============================================================================== --- portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/aggregator/impl/PortletRendererImpl.java (original) +++ portals/jetspeed-2/portal/trunk/components/jetspeed-portal/src/main/java/org/apache/jetspeed/aggregator/impl/PortletRendererImpl.java Tue Oct 4 03:24:28 2011 @@ -18,6 +18,7 @@ package org.apache.jetspeed.aggregator.i import java.util.ArrayList; import java.util.Collection; +import java.util.Iterator; import java.util.List; import javax.portlet.PortletMode; @@ -223,7 +224,8 @@ public class PortletRendererImpl impleme long timeoutMetadata = this.getTimeoutOnJob(portletDefinition); portletTracking.setExpiration(portletWindow, timeoutMetadata); - if (checkSecurityConstraints && !checkSecurityConstraint(portletDefinition, fragment)) + if ((checkSecurityConstraints || this.enforceSecurityConstraint(portletDefinition)) && + !checkSecurityConstraint(portletDefinition, fragment)) { throw new PortletAccessDeniedException("Access Denied."); } 
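Review bot: The per-portlet opt-in added to the `if` condition applies only on this render path, so a portlet that sets the metadata is covered for rendering only. Whether action, event and resource requests perform an equivalent check is not visible in this hunk and is worth confirming or documenting. When the global flag is off, `enforceSecurityConstraint` also runs a metadata lookup on every render; that is probably acceptable, but the result could be cached per portlet definition. A short comment above the condition would help, e.g. `// per-portlet metadata can force the constraint check even when checkSecurityConstraints is off`. The enclosing method starts and ends outside the hunk.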
@@ -405,6 +407,21 @@ public class PortletRendererImpl impleme } } + protected boolean enforceSecurityConstraint(PortletDefinition portlet) + { + Collection c = portlet.getMetadata().getFields("render-time.security-constraints"); + if (c != null) + { + Iterator it = c.iterator(); + if (it.hasNext()) + { + LocalizedField field = (LocalizedField) it.next(); + return Boolean.parseBoolean(field.getValue()); + } + } + return false; + } + protected boolean checkSecurityConstraint(PortletDefinition portlet, ContentFragment fragment) { if (fragment.getType().equals(Fragment.PORTLET)) --------------------------------------------------------------------- To unsubscribe, e-mail: jetspeed-dev-unsubscr...@portals.apache.org For additional commands, e-mail: jetspeed-dev-h...@portals.apache.org
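Review bot: In `enforceSecurityConstraint`, `Boolean.parseBoolean(field.getValue())` fails open: any value other than a case-insensitive "true" (such as `yes`, `1`, or `true` with surrounding whitespace from the XML) silently leaves the constraint check off. Only the first field returned is consulted. For a security switch it is safer to treat every value except an explicit false as enforcement, e.g. `String v = field.getValue(); return v != null && !"false".equalsIgnoreCase(v.trim());`. A null return from `portlet.getMetadata()` would throw here; whether that can happen is not visible in the hunk. The method would also benefit from a Javadoc stating that the `render-time.security-constraints` field opts a portlet in to render-time checks, with the key held in a named constant.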