deegree 2.5 (2011/06/29 09:44 build-8-official)

org.deegree.security.drm
Class SecurityAccessManager

java.lang.Object
  extended by org.deegree.security.drm.SecurityAccessManager

public class SecurityAccessManager
extends java.lang.Object

This singleton manages access to the data stored in an associated SecurityRegistry -instance.

In order to use methods that read from the registry, a SecurityAccess instance has to be acquired first:

Example Code:

 SecurityAccess access = SecurityAccessManager.getInstance();
 
 ReadToken accessToken = access.acquireReadToken();
 
 Role role = access.getRoleById( accessToken, 1 );
 

If write access is needed as well, one has to acquire the exclusive SecurityTransaction. This is only possible if the User has the "write"-privilege.

Example Code:

   SecurityAccess access = SecurityAccess.getInstance ();
   SecurityTransaction lock = access.acquireSecurityTransaction (user);
   access.registerUser (lock, "TESTUSER");
   ...
   access.commitTransaction (lock);
   // after committing changes are made persistent
 

Version:
$Revision: 23585 $, $Date:26.03.2007$
Author:
Markus Schneider , last edited by: $Author:wanhoff$

Method Summary
 void abortTransaction(SecurityTransaction lock)
          Aborts the current transaction and undoes all changes made to the Registry.
 SecurityAccess acquireAccess(User user)
          Tries to acquire a SecurityAccess -instance.
 SecurityTransaction acquireTransaction(User user)
          Tries to acquire the SecurityTransaction for the given User.
 void commitTransaction(SecurityTransaction transaction)
          Ends the current transaction and commits all changes to the Registry.
static SecurityAccessManager getInstance()
          Returns the only instance of this class.
 User getUserByName(java.lang.String name)
          This method is only to be used to get an initial User object.
static void initialize(java.lang.String registryClassName, java.util.Properties registryProperties, long timeout)
          Initializes the SecurityAccessManager -singleton with the given Registry -instance.
static boolean isInitialized()
           
(package private)  void verify(SecurityTransaction transaction)
          Verifies that the submitted Transaction is valid.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Method Detail

initialize

public static void initialize(java.lang.String registryClassName,
                              java.util.Properties registryProperties,
                              long timeout)
                       throws GeneralSecurityException
Initializes the SecurityAccessManager -singleton with the given Registry -instance.

Parameters:
registryClassName -
registryProperties -
timeout -
Throws:
GeneralSecurityException

isInitialized

public static boolean isInitialized()
Returns:
true if there is an instance

getInstance

public static SecurityAccessManager getInstance()
                                         throws GeneralSecurityException
Returns the only instance of this class.

Returns:
the only instance of this class.
Throws:
GeneralSecurityException

getUserByName

public User getUserByName(java.lang.String name)
                   throws GeneralSecurityException
This method is only to be used to get an initial User object. (Otherwise one would need a User to perform a User lookup.)

Parameters:
name -
Returns:
the user
Throws:
GeneralSecurityException

acquireAccess

public SecurityAccess acquireAccess(User user)
                             throws GeneralSecurityException,
                                    UnauthorizedException
Tries to acquire a SecurityAccess -instance.

Parameters:
user -
Returns:
the instance
Throws:
GeneralSecurityException
UnauthorizedException

acquireTransaction

public SecurityTransaction acquireTransaction(User user)
                                       throws GeneralSecurityException,
                                              UnauthorizedException
Tries to acquire the SecurityTransaction for the given User. Only possibly for User s that have the "modify"-privilege.

NOTE: The implementation checks if the currentTransaction timed out BEFORE it checks if the user is allowed to write to the registry at all. This is because some JDBC-drivers (at least the JDBC-ODBC- bridge together with Microsoft Access (tm)) have been observed to return strange results sometimes when there's a transaction still going on (so that the privileges of the user cannot be retrieved reliably from the registry).

Parameters:
user -
Returns:
the transaction
Throws:
GeneralSecurityException
UnauthorizedException

verify

void verify(SecurityTransaction transaction)
      throws ReadWriteLockInvalidException
Verifies that the submitted Transaction is valid. There are two ways for it to become invalid:

Parameters:
transaction -
Throws:
ReadWriteLockInvalidException
GeneralSecurityException - if transaction is invalid

commitTransaction

public void commitTransaction(SecurityTransaction transaction)
                       throws GeneralSecurityException
Ends the current transaction and commits all changes to the Registry.

Parameters:
transaction -
Throws:
GeneralSecurityException

abortTransaction

public void abortTransaction(SecurityTransaction lock)
                      throws GeneralSecurityException
Aborts the current transaction and undoes all changes made to the Registry.

Parameters:
lock -
Throws:
GeneralSecurityException

deegree 2.5 (2011/06/29 09:44 build-8-official)

an open source project founded by lat/lon, Bonn, Germany.
For more information visit: http://www.deegree.org