org.apache.turbine.modules.actions
Class AccessController

java.lang.Object
  |
  +--org.apache.turbine.modules.Assembler
        |
        +--org.apache.turbine.modules.Action
              |
              +--org.apache.turbine.modules.actions.AccessController

public class AccessController
extends Action

This action doPerforms an Access Control List and places it into the RunData object, so it is easily available to modules. The ACL is also placed into the session. Modules can null out the ACL to force it to be rebuilt based on more information.

Turbine uses a User-Role-Permission arrangement for access control. Users are assigned Roles. Roles are assigned Permissions. Turbine modules then check the Permission required for an action or information with the set of Permissions currently associated with the session (which are dependent on the user associated with the session.)

The criteria for assigning Roles/Permissions is application dependent, in some cases an application may change a User's Roles during the session. To achieve flexibility, the ACL takes an Object parameter, which the application can use to doPerform the ACL.

This action is special in that it should only be executed by the Turbine servlet.

Version:
$Id$
Author:
John D. McNally, Brett McLaughlin

Constructor Summary
AccessController()
           
 
Method Summary
 void doPerform(RunData data)
          Execute the action.
 
Methods inherited from class org.apache.turbine.modules.Action
perform
 
Methods inherited from class java.lang.Object
, clone, equals, finalize, getClass, hashCode, notify, notifyAll, registerNatives, toString, wait, wait, wait
 

Constructor Detail

AccessController

public AccessController()
Method Detail

doPerform

public void doPerform(RunData data)
               throws java.lang.Exception
Execute the action.
Overrides:
doPerform in class Action
Parameters:
data - Turbine information.
Throws:
Exception, - a generic exception.


Copyright © 1999-2001 Apache Software Foundation. All Rights Reserved.