Re: [Stripes-users] Stripes Stuff Security manager

Tue, 04 Oct 2011 10:42:56 -0700 

Sure!  I can do that.  In fact just built it locally with my fix.  

Here is what I came up with

                if (element.isAnnotationPresent(DenyAll.class))
                {
                        // The element denies access.

                        allowed = false;
                }
                else if (element.isAnnotationPresent(PermitAll.class))
                {
                        // The element allows access to all security roles 
(i.e. any authenticated user).

                        allowed = isUserAuthenticated(bean, handler);
                }
                else
                {
                        //Still need to check if the users is authorized
                        allowed = isUserAuthenticated(bean, handler);

                        RolesAllowed rolesAllowed = 
element.getAnnotation(RolesAllowed.class);
                        if (allowed.booleanValue()  && (rolesAllowed != null))
                        {
                                // The element allows access if the user has 
one of the specified roles.

                                allowed = false;

                                for (String role : rolesAllowed.value())
                                {
                                        Boolean hasRole = hasRole(bean, 
handler, role);
                                        if (hasRole != null && hasRole)
                                        {
                                                allowed = true;
                                                break;
                                        }
                                }
                        }
                }


On Oct 4, 2011, at 11:28 AM, Poitras Christian wrote:

> Hi Nathan,
>  
> I can commit the change if you plan to build it from source.
>  
> Christian
>  
> De : Nathan Maves [mailto:[email protected]] 
> Envoyé : October-04-11 12:17 PM
> À : Stripes Users List
> Objet : [Stripes-users] Stripes Stuff Security manager
>  
> Not sure if anyone is still working on this project.  I just implemented it 
> and it is working great except for one small issue.
>  
> I have created a ticket but know one has even looked at it.  Who maintains 
> this project?
>  
> http://sourceforge.net/tracker/?func=detail&aid=3382420&group_id=217148&atid=1039392
>  
>  
> ------------------------------------------------------------------------------
> All the data continuously generated in your IT infrastructure contains a
> definitive record of customers, application performance, security
> threats, fraudulent activity and more. Splunk takes this data and makes
> sense of it. Business sense. IT sense. Common sense.
> http://p.sf.net/sfu/splunk-d2dcopy1_______________________________________________
> Stripes-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/stripes-users


------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure contains a
definitive record of customers, application performance, security
threats, fraudulent activity and more. Splunk takes this data and makes
sense of it. Business sense. IT sense. Common sense.
http://p.sf.net/sfu/splunk-d2dcopy1
_______________________________________________
Stripes-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/stripes-users

Reply via email to