org.apache.turbine.services.security
Class BaseSecurityService

java.lang.Object
  org.apache.turbine.services.BaseInitable
      org.apache.turbine.services.BaseService
          org.apache.turbine.services.TurbineBaseService
              org.apache.turbine.services.security.BaseSecurityService

All Implemented Interfaces:

Initable, SecurityService, Service

Direct Known Subclasses:

LDAPSecurityService, TorqueSecurityService

public abstract class BaseSecurityService

extends TurbineBaseService

implements SecurityService

This is a common subset of SecurityService implementation. Provided functionality includes:

• methods for retrieving User objects, that delegates functionality to the pluggable implementations of the User interface.
• synchronization mechanism for methods reading/modifying the security information, that guarantees that multiple threads may read the information concurrently, but threads that modify the information acquires exclusive access.
• implementation of convenience methods for retrieving security entities that maintain in-memory caching of objects for fast access.

Version:

$Id: BaseSecurityService.java 534527 2007-05-02 16:10:59Z tv $

Author:

Rafal Krzewski, Henning P. Schmiedehausen, Marco Knüttel, Quinton McCombs

Field Summary

Fields inherited from class org.apache.turbine.services.BaseService

configuration, name, serviceBroker

Fields inherited from class org.apache.turbine.services.BaseInitable

initableBroker, isInitialized

Fields inherited from interface org.apache.turbine.services.security.SecurityService

ACL_CLASS_DEFAULT, ACL_CLASS_KEY, GROUP_CLASS_DEFAULT, GROUP_CLASS_KEY, PERMISSION_CLASS_DEFAULT, PERMISSION_CLASS_KEY, ROLE_CLASS_DEFAULT, ROLE_CLASS_KEY, SECURE_PASSWORDS_ALGORITHM_DEFAULT, SECURE_PASSWORDS_ALGORITHM_KEY, SECURE_PASSWORDS_DEFAULT, SECURE_PASSWORDS_KEY, SERVICE_NAME, USER_CLASS_DEFAULT, USER_CLASS_KEY, USER_MANAGER_DEFAULT, USER_MANAGER_KEY

Constructor Summary

BaseSecurityService()

Method Summary

boolean	accountExists(java.lang.String userName) Check whether a specified user's account exists.
boolean	accountExists(User user) Check whether a specified user's account exists.
void	addUser(User user, java.lang.String password) Creates new user account with specified attributes.
void	changePassword(User user, java.lang.String oldPassword, java.lang.String newPassword) Change the password for an User.
boolean	checkPassword(java.lang.String checkpw, java.lang.String encpw) Checks if a supplied password matches the encrypted password
java.lang.String	encryptPassword(java.lang.String password) This method provides client-side encryption of passwords.
java.lang.String	encryptPassword(java.lang.String password, java.lang.String salt) This method provides client-side encryption of passwords.
void	forcePassword(User user, java.lang.String password) Forcibly sets new password for an User.
java.lang.Class	getAclClass() Return a Class object representing the system's chosen implementation of of ACL interface.
AccessControlList	getAclInstance(java.util.Map roles, java.util.Map permissions) Construct a new ACL object.
GroupSet	getAllGroups() Retrieves all groups defined in the system.
PermissionSet	getAllPermissions() Retrieves all permissions defined in the system.
RoleSet	getAllRoles() Retrieves all roles defined in the system.
User	getAnonymousUser() Constructs an User object to represent an anonymous user of the application.
User	getAuthenticatedUser(java.lang.String username, java.lang.String password) Authenticates an user, and constructs an User object to represent him/her.
Group	getGlobalGroup() Provides a reference to the Group object that represents the global group.
Group	getGroup(java.lang.String name) Deprecated. Use getGroupByName instead.
Group	getGroupById(int id) Retrieve a Group object with specified Id.
Group	getGroupByName(java.lang.String name) Retrieve a Group object with specified name.
java.lang.Class	getGroupClass() Return a Class object representing the system's chosen implementation of of Group interface.
Group	getGroupInstance() Construct a blank Group object.
Group	getGroupInstance(java.lang.String groupName) Construct a blank Group object.
Group	getNewGroup(java.lang.String groupName) Deprecated. Use getGroupInstance(String name) instead.
Permission	getNewPermission(java.lang.String permissionName) Deprecated. Use getPermissionInstance(String name) instead.
Role	getNewRole(java.lang.String roleName) Deprecated. Use getRoleInstance(String name) instead.
Permission	getPermission(java.lang.String name) Deprecated. Use getPermissionByName instead.
Permission	getPermissionById(int id) Retrieve a Permission object with specified Id.
Permission	getPermissionByName(java.lang.String name) Retrieve a Permission object with specified name.
java.lang.Class	getPermissionClass() Return a Class object representing the system's chosen implementation of of Permission interface.
Permission	getPermissionInstance() Construct a blank Permission object.
Permission	getPermissionInstance(java.lang.String permName) Construct a blank Permission object.
Role	getRole(java.lang.String name) Deprecated. Use getRoleByName instead.
Role	getRoleById(int id) Retrieve a Role object with specified Id.
Role	getRoleByName(java.lang.String name) Retrieve a Role object with specified name.
java.lang.Class	getRoleClass() Return a Class object representing the system's chosen implementation of of Role interface.
Role	getRoleInstance() Construct a blank Role object.
Role	getRoleInstance(java.lang.String roleName) Construct a blank Role object.
User	getUser(java.lang.String username) Constructs an User object to represent a registered user of the application.
java.lang.Class	getUserClass() Return a Class object representing the system's chosen implementation of of User interface.
User	getUserInstance() Construct a blank User object.
User	getUserInstance(java.lang.String userName) Construct a blank User object.
java.util.List	getUserList(org.apache.torque.util.Criteria criteria) Retrieve a set of users that meet the specified criteria.
UserManager	getUserManager() Returns the configured UserManager.
User[]	getUsers(org.apache.torque.util.Criteria criteria) Deprecated. Use getUserList instead.
void	init() Initializes the SecurityService, locating the apropriate UserManager This is a zero parameter variant which queries the Turbine Servlet for its config.
void	init(javax.servlet.ServletConfig config) Deprecated. use init() instead.
boolean	isAnonymousUser(User user) Checks whether a passed user object matches the anonymous user pattern according to the configured user manager
protected void	lockExclusive() Acquire an exclusive lock on the security information repository.
protected void	lockShared() Acquire a shared lock on the security information repository.
void	removeUser(User user) Removes an user account from the system.
void	saveOnSessionUnbind(User user) Saves User data when the session is unbound.
void	saveUser(User user) Saves User's data in the permanent storage.
void	setUserManager(UserManager userManager) Configure a new user Manager.
protected void	unlockExclusive() Release an exclusive lock on the security information repository.
protected void	unlockShared() Release a shared lock on the security information repository.

Methods inherited from class org.apache.turbine.services.TurbineBaseService

init, init, shutdown

Methods inherited from class org.apache.turbine.services.BaseService

getConfiguration, getName, getProperties, getServiceBroker, setName, setServiceBroker

Methods inherited from class org.apache.turbine.services.BaseInitable

getInit, getInitableBroker, setInit, setInitableBroker

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.apache.turbine.services.security.SecurityService

addGroup, addPermission, addRole, getACL, getGroups, getPermissions, getPermissions, getRoles, grant, grant, removeGroup, removePermission, removeRole, renameGroup, renamePermission, renameRole, revoke, revoke, revokeAll, revokeAll, saveGroup, savePermission, saveRole

Methods inherited from interface org.apache.turbine.services.Service

getConfiguration, getName, getProperties, setName, setServiceBroker

Methods inherited from interface org.apache.turbine.services.Initable

getInit, init, setInitableBroker, shutdown

Constructor Detail

BaseSecurityService

public BaseSecurityService()

Method Detail

encryptPassword

public java.lang.String encryptPassword(java.lang.String password)

This method provides client-side encryption of passwords. If secure.passwords are enabled in TurbineResources, the password will be encrypted, if not, it will be returned unchanged. The secure.passwords.algorithm property can be used to chose which digest algorithm should be used for performing the encryption. SHA is used by default.

Specified by:

encryptPassword in interface SecurityService

Parameters:

password - the password to process

Returns:

processed password

encryptPassword

public java.lang.String encryptPassword(java.lang.String password,
                                        java.lang.String salt)

This method provides client-side encryption of passwords. If secure.passwords are enabled in TurbineResources, the password will be encrypted, if not, it will be returned unchanged. The secure.passwords.algorithm property can be used to chose which digest algorithm should be used for performing the encryption. SHA is used by default. The used algorithms must be prepared to accept null as a valid parameter for salt. All algorithms in the Fulcrum Cryptoservice accept this.

Specified by:

encryptPassword in interface SecurityService

Parameters:

password - the password to process

salt - algorithms that needs a salt can provide one here

Returns:

processed password

checkPassword

public boolean checkPassword(java.lang.String checkpw,
                             java.lang.String encpw)

Checks if a supplied password matches the encrypted password

Specified by:

checkPassword in interface SecurityService

Parameters:

checkpw - The clear text password supplied by the user

encpw - The current, encrypted password

Returns:

true if the password matches, else false

init

public void init()
          throws InitializationException

Initializes the SecurityService, locating the apropriate UserManager This is a zero parameter variant which queries the Turbine Servlet for its config.

Specified by:

init in interface Initable

Overrides:

init in class TurbineBaseService

Throws:

InitializationException - Something went wrong in the init stage

init

public void init(javax.servlet.ServletConfig config)
          throws InitializationException

Deprecated. use init() instead.

Initializes the SecurityService, locating the apropriate UserManager

Overrides:

init in class TurbineBaseService

Parameters:

config - a ServletConfig, to enforce early initialization

Throws:

InitializationException - Something went wrong in the init stage

getUserClass

public java.lang.Class getUserClass()
                             throws UnknownEntityException

Return a Class object representing the system's chosen implementation of of User interface.

Specified by:

getUserClass in interface SecurityService

Returns:

systems's chosen implementation of User interface.

Throws:

UnknownEntityException - if the implementation of User interface could not be determined, or does not exist.

getUserInstance

public User getUserInstance()
                     throws UnknownEntityException

Construct a blank User object. This method calls getUserClass, and then creates a new object using the default constructor.

Specified by:

getUserInstance in interface SecurityService

Returns:

an object implementing User interface.

Throws:

UnknownEntityException - if the object could not be instantiated.

getUserInstance

public User getUserInstance(java.lang.String userName)
                     throws UnknownEntityException

Construct a blank User object. This method calls getUserClass, and then creates a new object using the default constructor.

Specified by:

getUserInstance in interface SecurityService

Parameters:

userName - The name of the user.

Returns:

an object implementing User interface.

Throws:

UnknownEntityException - if the object could not be instantiated.

getGroupClass

public java.lang.Class getGroupClass()
                              throws UnknownEntityException

Return a Class object representing the system's chosen implementation of of Group interface.

Specified by:

getGroupClass in interface SecurityService

Returns:

systems's chosen implementation of Group interface.

Throws:

UnknownEntityException - if the implementation of Group interface could not be determined, or does not exist.

getGroupInstance

public Group getGroupInstance()
                       throws UnknownEntityException

Construct a blank Group object. This method calls getGroupClass, and then creates a new object using the default constructor.

Specified by:

getGroupInstance in interface SecurityService

Returns:

an object implementing Group interface.

Throws:

UnknownEntityException - if the object could not be instantiated.

getGroupInstance

public Group getGroupInstance(java.lang.String groupName)
                       throws UnknownEntityException

Construct a blank Group object. This method calls getGroupClass, and then creates a new object using the default constructor.

Specified by:

getGroupInstance in interface SecurityService

Parameters:

groupName - The name of the Group

Returns:

an object implementing Group interface.

Throws:

UnknownEntityException - if the object could not be instantiated.

getPermissionClass

public java.lang.Class getPermissionClass()
                                   throws UnknownEntityException

Return a Class object representing the system's chosen implementation of of Permission interface.

Specified by:

getPermissionClass in interface SecurityService

Returns:

systems's chosen implementation of Permission interface.

Throws:

UnknownEntityException - if the implementation of Permission interface could not be determined, or does not exist.

getPermissionInstance

public Permission getPermissionInstance()
                                 throws UnknownEntityException

Construct a blank Permission object. This method calls getPermissionClass, and then creates a new object using the default constructor.

Specified by:

getPermissionInstance in interface SecurityService

Returns:

an object implementing Permission interface.

Throws:

UnknownEntityException - if the object could not be instantiated.

getPermissionInstance

public Permission getPermissionInstance(java.lang.String permName)
                                 throws UnknownEntityException

Construct a blank Permission object. This method calls getPermissionClass, and then creates a new object using the default constructor.

Specified by:

getPermissionInstance in interface SecurityService

Parameters:

permName - The name of the permission.

Returns:

an object implementing Permission interface.

Throws:

UnknownEntityException - if the object could not be instantiated.

getRoleClass

public java.lang.Class getRoleClass()
                             throws UnknownEntityException

Return a Class object representing the system's chosen implementation of of Role interface.

Specified by:

getRoleClass in interface SecurityService

Returns:

systems's chosen implementation of Role interface.

Throws:

UnknownEntityException - if the implementation of Role interface could not be determined, or does not exist.

getRoleInstance

public Role getRoleInstance()
                     throws UnknownEntityException

Construct a blank Role object. This method calls getRoleClass, and then creates a new object using the default constructor.

Specified by:

getRoleInstance in interface SecurityService

Returns:

an object implementing Role interface.

Throws:

UnknownEntityException - if the object could not be instantiated.

getRoleInstance

public Role getRoleInstance(java.lang.String roleName)
                     throws UnknownEntityException

Construct a blank Role object. This method calls getRoleClass, and then creates a new object using the default constructor.

Specified by:

getRoleInstance in interface SecurityService

Parameters:

roleName - The name of the role.

Returns:

an object implementing Role interface.

Throws:

UnknownEntityException - if the object could not be instantiated.

getAclClass

public java.lang.Class getAclClass()
                            throws UnknownEntityException

Return a Class object representing the system's chosen implementation of of ACL interface.

Specified by:

getAclClass in interface SecurityService

Returns:

systems's chosen implementation of ACL interface.

Throws:

UnknownEntityException - if the implementation of ACL interface could not be determined, or does not exist.

getAclInstance

public AccessControlList getAclInstance(java.util.Map roles,
                                        java.util.Map permissions)
                                 throws UnknownEntityException

Construct a new ACL object. This constructs a new ACL object from the configured class and initializes it with the supplied roles and permissions.

Specified by:

getAclInstance in interface SecurityService

Parameters:

roles - The roles that this ACL should contain

permissions - The permissions for this ACL

Returns:

an object implementing ACL interface.

Throws:

UnknownEntityException - if the object could not be instantiated.

getUserManager

public UserManager getUserManager()

Returns the configured UserManager.

Specified by:

getUserManager in interface SecurityService

Returns:

An UserManager object

setUserManager

public void setUserManager(UserManager userManager)

Configure a new user Manager.

Specified by:

setUserManager in interface SecurityService

Parameters:

userManager - An UserManager object

accountExists

public boolean accountExists(User user)
                      throws DataBackendException

Check whether a specified user's account exists. The login name is used for looking up the account.

Specified by:

accountExists in interface SecurityService

Parameters:

user - The user to be checked.

Returns:

true if the specified account exists

Throws:

DataBackendException - if there was an error accessing the data backend.

accountExists

public boolean accountExists(java.lang.String userName)
                      throws DataBackendException

Check whether a specified user's account exists. The login name is used for looking up the account.

Specified by:

accountExists in interface SecurityService

Parameters:

userName - The name of the user to be checked.

Returns:

true if the specified account exists

Throws:

DataBackendException - if there was an error accessing the data backend.

getAuthenticatedUser

public User getAuthenticatedUser(java.lang.String username,
                                 java.lang.String password)
                          throws DataBackendException,
                                 UnknownEntityException,
                                 PasswordMismatchException

Authenticates an user, and constructs an User object to represent him/her.

Specified by:

getAuthenticatedUser in interface SecurityService

Parameters:

username - The user name.

password - The user password.

Returns:

An authenticated Turbine User.

Throws:

PasswordMismatchException - if the supplied password was incorrect.

UnknownEntityException - if the user's account does not exist in the database.

DataBackendException - if there is a problem accessing the storage.

getUser

public User getUser(java.lang.String username)
             throws DataBackendException,
                    UnknownEntityException

Constructs an User object to represent a registered user of the application.

Specified by:

getUser in interface SecurityService

Parameters:

username - The user name.

Returns:

A Turbine User.

Throws:

UnknownEntityException - if the user's account does not exist

DataBackendException - if there is a problem accessing the storage.

getUsers

public User[] getUsers(org.apache.torque.util.Criteria criteria)
                throws DataBackendException

Deprecated. Use getUserList instead.

Retrieve a set of users that meet the specified criteria. As the keys for the criteria, you should use the constants that are defined in User interface, plus the names of the custom attributes you added to your user representation in the data storage. Use verbatim names of the attributes - without table name prefix in case of DB implementation.

Specified by:

getUsers in interface SecurityService

Parameters:

criteria - The criteria of selection.

Returns:

a List of users meeting the criteria.

Throws:

DataBackendException - if there is a problem accessing the storage.

getUserList

public java.util.List getUserList(org.apache.torque.util.Criteria criteria)
                           throws DataBackendException

Retrieve a set of users that meet the specified criteria. As the keys for the criteria, you should use the constants that are defined in User interface, plus the names of the custom attributes you added to your user representation in the data storage. Use verbatim names of the attributes - without table name prefix in case of DB implementation.

Specified by:

getUserList in interface SecurityService

Parameters:

criteria - The criteria of selection.

Returns:

a List of users meeting the criteria.

Throws:

DataBackendException - if there is a problem accessing the storage.

getAnonymousUser

public User getAnonymousUser()
                      throws UnknownEntityException

Constructs an User object to represent an anonymous user of the application.

Specified by:

getAnonymousUser in interface SecurityService

Returns:

An anonymous Turbine User.

Throws:

UnknownEntityException - if the implementation of User interface could not be determined, or does not exist.

isAnonymousUser

public boolean isAnonymousUser(User user)

Checks whether a passed user object matches the anonymous user pattern according to the configured user manager

Specified by:

isAnonymousUser in interface SecurityService

Parameters:

user - An user object

Returns:

True if this is an anonymous user

saveUser

public void saveUser(User user)
              throws UnknownEntityException,
                     DataBackendException

Saves User's data in the permanent storage. The user account is required to exist in the storage.

Specified by:

saveUser in interface SecurityService

Parameters:

user - the User object to save

Throws:

UnknownEntityException - if the user's account does not exist in the database.

DataBackendException - if there is a problem accessing the storage.

saveOnSessionUnbind

public void saveOnSessionUnbind(User user)
                         throws UnknownEntityException,
                                DataBackendException

Saves User data when the session is unbound. The user account is required to exist in the storage. LastLogin, AccessCounter, persistent pull tools, and any data stored in the permData hashtable that is not mapped to a column will be saved.

Specified by:

saveOnSessionUnbind in interface SecurityService

Throws:

UnknownEntityException - if the user's account does not exist in the database.

DataBackendException - if there is a problem accessing the storage.

addUser

public void addUser(User user,
                    java.lang.String password)
             throws DataBackendException,
                    EntityExistsException

Creates new user account with specified attributes.

Specified by:

addUser in interface SecurityService

Parameters:

user - the object describing account to be created.

password - The password to use for the account.

Throws:

DataBackendException - if there was an error accessing the data backend.

EntityExistsException - if the user account already exists.

removeUser

public void removeUser(User user)
                throws DataBackendException,
                       UnknownEntityException

Removes an user account from the system.

Specified by:

removeUser in interface SecurityService

Parameters:

user - the object describing the account to be removed.

Throws:

DataBackendException - if there was an error accessing the data backend.

UnknownEntityException - if the user account is not present.

changePassword

public void changePassword(User user,
                           java.lang.String oldPassword,
                           java.lang.String newPassword)
                    throws PasswordMismatchException,
                           UnknownEntityException,
                           DataBackendException

Change the password for an User.

Specified by:

changePassword in interface SecurityService

Parameters:

user - an User to change password for.

oldPassword - the current password supplied by the user.

newPassword - the current password requested by the user.

Throws:

PasswordMismatchException - if the supplied password was incorrect.

UnknownEntityException - if the user's record does not exist in the database.

DataBackendException - if there is a problem accessing the storage.

forcePassword

public void forcePassword(User user,
                          java.lang.String password)
                   throws UnknownEntityException,
                          DataBackendException

Forcibly sets new password for an User. This is supposed by the administrator to change the forgotten or compromised passwords. Certain implementatations of this feature would require administrative level access to the authenticating server / program.

Specified by:

forcePassword in interface SecurityService

Parameters:

user - an User to change password for.

password - the new password.

Throws:

UnknownEntityException - if the user's record does not exist in the database.

DataBackendException - if there is a problem accessing the storage.

lockShared

protected void lockShared()

Acquire a shared lock on the security information repository. Methods that read security information need to invoke this method at the beginning of their body.

unlockShared

protected void unlockShared()

Release a shared lock on the security information repository. Methods that read security information need to invoke this method at the end of their body.

lockExclusive

protected void lockExclusive()

Acquire an exclusive lock on the security information repository. Methods that modify security information need to invoke this method at the beginning of their body. Note! Those methods must be synchronized themselves!

unlockExclusive

protected void unlockExclusive()

Release an exclusive lock on the security information repository. This method is provided only for completeness. It does not really do anything. Note! Methods that modify security information must be synchronized!

getGlobalGroup

public Group getGlobalGroup()

Provides a reference to the Group object that represents the global group.

Specified by:

getGlobalGroup in interface SecurityService

Returns:

a Group object that represents the global group.

getGroup

public Group getGroup(java.lang.String name)
               throws DataBackendException,
                      UnknownEntityException

Deprecated. Use getGroupByName instead.

Retrieve a Group object with specified name.

Specified by:

getGroup in interface SecurityService

Parameters:

name - the name of the Group.

Returns:

an object representing the Group with specified name.

Throws:

DataBackendException - if there was an error accessing the data backend.

UnknownEntityException - if the group does not exist.

getGroupByName

public Group getGroupByName(java.lang.String name)
                     throws DataBackendException,
                            UnknownEntityException

Retrieve a Group object with specified name.

Specified by:

getGroupByName in interface SecurityService

Parameters:

name - the name of the Group.

Returns:

an object representing the Group with specified name.

Throws:

DataBackendException - if there was an error accessing the data backend.

UnknownEntityException - if the group does not exist.

getGroupById

public Group getGroupById(int id)
                   throws DataBackendException,
                          UnknownEntityException

Retrieve a Group object with specified Id.

Specified by:

getGroupById in interface SecurityService

Parameters:

id - the id of the Group.

Returns:

an object representing the Group with specified name.

Throws:

UnknownEntityException - if the permission does not exist in the database.

DataBackendException - if there is a problem accessing the storage.

getRole

public Role getRole(java.lang.String name)
             throws DataBackendException,
                    UnknownEntityException

Deprecated. Use getRoleByName instead.

Retrieve a Role object with specified name.

Specified by:

getRole in interface SecurityService

Parameters:

name - the name of the Role.

Returns:

an object representing the Role with specified name.

Throws:

DataBackendException - if there was an error accessing the data backend.

UnknownEntityException - if the role does not exist.

getRoleByName

public Role getRoleByName(java.lang.String name)
                   throws DataBackendException,
                          UnknownEntityException

Retrieve a Role object with specified name.

Specified by:

getRoleByName in interface SecurityService

Parameters:

name - the name of the Role.

Returns:

an object representing the Role with specified name.

Throws:

DataBackendException - if there was an error accessing the data backend.

UnknownEntityException - if the role does not exist.

getRoleById

public Role getRoleById(int id)
                 throws DataBackendException,
                        UnknownEntityException

Retrieve a Role object with specified Id.

Specified by:

getRoleById in interface SecurityService

Parameters:

id - the id of the Role.

Returns:

an object representing the Role with specified name.

Throws:

UnknownEntityException - if the permission does not exist in the database.

DataBackendException - if there is a problem accessing the storage.

getPermission

public Permission getPermission(java.lang.String name)
                         throws DataBackendException,
                                UnknownEntityException

Deprecated. Use getPermissionByName instead.

Retrieve a Permission object with specified name.

Specified by:

getPermission in interface SecurityService

Parameters:

name - the name of the Permission.

Returns:

an object representing the Permission with specified name.

Throws:

DataBackendException - if there was an error accessing the data backend.

UnknownEntityException - if the permission does not exist.

getPermissionByName

public Permission getPermissionByName(java.lang.String name)
                               throws DataBackendException,
                                      UnknownEntityException

Retrieve a Permission object with specified name.

Specified by:

getPermissionByName in interface SecurityService

Parameters:

name - the name of the Permission.

Returns:

an object representing the Permission with specified name.

Throws:

DataBackendException - if there was an error accessing the data backend.

UnknownEntityException - if the permission does not exist.

getPermissionById

public Permission getPermissionById(int id)
                             throws DataBackendException,
                                    UnknownEntityException

Retrieve a Permission object with specified Id.

Specified by:

getPermissionById in interface SecurityService

Parameters:

id - the id of the Permission.

Returns:

an object representing the Permission with specified name.

Throws:

UnknownEntityException - if the permission does not exist in the database.

DataBackendException - if there is a problem accessing the storage.

getAllGroups

public GroupSet getAllGroups()
                      throws DataBackendException

Retrieves all groups defined in the system.

Specified by:

getAllGroups in interface SecurityService

Returns:

the names of all groups defined in the system.

Throws:

DataBackendException - if there was an error accessing the data backend.

getAllRoles

public RoleSet getAllRoles()
                    throws DataBackendException

Retrieves all roles defined in the system.

Specified by:

getAllRoles in interface SecurityService

Returns:

the names of all roles defined in the system.

Throws:

DataBackendException - if there was an error accessing the data backend.

getAllPermissions

public PermissionSet getAllPermissions()
                                throws DataBackendException

Retrieves all permissions defined in the system.

Specified by:

getAllPermissions in interface SecurityService

Returns:

the names of all roles defined in the system.

Throws:

DataBackendException - if there was an error accessing the data backend.

getNewGroup

public Group getNewGroup(java.lang.String groupName)

Deprecated. Use getGroupInstance(String name) instead.

Specified by:

getNewGroup in interface SecurityService

getNewRole

public Role getNewRole(java.lang.String roleName)

Deprecated. Use getRoleInstance(String name) instead.

Specified by:

getNewRole in interface SecurityService

getNewPermission

public Permission getNewPermission(java.lang.String permissionName)

Deprecated. Use getPermissionInstance(String name) instead.

Specified by:

getNewPermission in interface SecurityService