All Packages Class Hierarchy This Package Previous Next Index
Class com.ibm.beans.samples.dips.sessauth.SessionAuthenticationDip
java.lang.Object
|
+----com.ibm.beans.samples.dips.sessauth.SessionAuthenticationDip
- public final class SessionAuthenticationDip
- extends Object
- implements Dip
The Session Authentication Dip provides access control for the bean
that is dipped.
Once a bean is dipped in Session Authentication, the end users are
required to validate themselves using a valid principal, a User ID and Password for example,
before the bean is
functional. Until the end user is validated or if validation fails, the bean is disabled by the Session
Authentication dip.
Disabling a bean that has not been successfully validated is accomplished by vetoing
all properties, methods, and events.
This class is serializable since the dip interface it implements is serializable
Access control is implemented using a principal, a principal query
and an authticator.
The principal is an entity that can be authenticated. A principal might consist of a
a User ID and a Password.
The principal query is an object that can obtain the information required for a principal.
A principal query might consist of an AWT dialog that prompts the end user for a User ID and
Password.
The authenticator is the entity that can validate a principal. An authenticator might validate a
User ID and Password entered by the user against a password file for example.
- See Also:
- SAPrincipal, SAPrincipalQuery, SAAuthenticator
-
SessionAuthenticationDip()
- Constructs a SessionAuthenticationDip.
-
createEventFireListener(Object, String[])
- Registers methods to call after the dippable bean
event method is called.
-
createImplementation(Object)
- Creates the Session Authentication Dip implementation.
-
createMethodCallListener(Object, String[])
- Registers methods to call after the dippable bean
method is called.
-
createPropertyChangeListener(Object, String[])
- Registers methods to call after the dippable bean
property changed methods is called.
-
createVetoableChangeListener(Object, String[])
- Registers methods to call before the dippable bean
property changed method is called.
-
createVetoableEventListener(Object, String[])
- Registers methods to call before the dippable bean
event method is called.
-
createVetoableMethodListener(Object, String[])
- Registers methods to call before the dippable bean
method is called.
-
includeInMorphedClass(String)
- Determines if a method should be included in a morphed class.
-
isRemovable()
- Indicates if this dip is removable.
-
priority()
- Sets the priority of the Session Authentication Dip.
-
releaseImplementation()
- Indicates SessionAuthenticationDip has nothing that needs to be released
when the Dip is removed from the bean.
-
typeName()
- Uniquely identifies this Dip.
-
worksWith(String)
- Indicates if the Session Authentication can work with the new dip.
SessionAuthenticationDip
public SessionAuthenticationDip()
- Constructs a SessionAuthenticationDip.
This also creates the dip implementation.
- See Also:
- SAImpl
priority
public final int priority()
- Sets the priority of the Session Authentication Dip.
The Session Authentication dip requests the
hightest priority allowable. The dip with the highest priority is
the first
Dip given that can veto a method, property, or event.
- Returns:
- an integer which sets the priority to the highest possible value.
- See Also:
- priority
typeName
public String typeName()
- Uniquely identifies this Dip. The string
identifies the Session Authentication Dip
object, not an instance.
All Session Authentication Dip instances return the
same value.
- Returns:
- A String that uniquely identifes the Session Authentication Dip.
- See Also:
- typeName
worksWith
public boolean worksWith(String newDip)
- Indicates if the Session Authentication can work with the new dip. If the Session
Authentication Dip cannot work with this dip, the Dipping Framework does not
add the new dip to the dippable bean.
- Parameters:
- newDip - A reference to the new dip with which the Session Authentication dip should
determine if it can work.
- Returns:
- true if the Session Authentication Dip can work with the new dip; false
otherwise.
- See Also:
- worksWith
isRemovable
public boolean isRemovable()
- Indicates if this dip is removable. The Session Authentication Dip is
not removable.
- Returns:
- true if this dip is removable; falseotherwise.
- See Also:
- isRemovable
createImplementation
public Object createImplementation(Object obj) throws DipRejectAdditionException
- Creates the Session Authentication Dip implementation. This object drives the
actual work of querying for a principal and authenticating that principal.
The Session Authentication Dip cannot be added to a dippable bean under the
following circumstances:
- If the dippable bean contains public final or static methods. A final or static method cannot
be intercepted by the dipping framework.
- The dippable bean must be using DippableBeanImp for its dippable
implementation because this dip relies on a priority
in which dips are invoked.
- Parameters:
- obj - A reference to the dippable bean.
- Returns:
- A reference to the object that implements Session Authentication Dip.
- Throws: DipRejectAdditionException
- Indicates that the
Session Authentication Dip cannot be added to the dippable bean.
- See Also:
- createImplementation
releaseImplementation
public void releaseImplementation()
- Indicates SessionAuthenticationDip has nothing that needs to be released
when the Dip is removed from the bean.
- See Also:
- releaseImplementation
includeInMorphedClass
public boolean includeInMorphedClass(String methodName)
- Determines if a method should be included in a morphed class.
When the dip is applied to a class as a pre-dip during morphing,
and the user elects to only override those methods in the dippable
class that the pre-dips agrees to, this method to used to determine
if a dip agrees to including a specific method.
createPropertyChangeListener
public DipPropertyChangeListener[] createPropertyChangeListener(Object imp,
String methods[])
- Registers methods to call after the dippable bean
property changed methods is called. The Session Authentication Dip does
not register any methods for the dippable bean property changed methods.
- Parameters:
- imp - The Session Authentication Dip implementation returned from
the createImplementation method.
- methods[] - An array of property changed methods in the dippable bean.
- Returns:
- null indicating that no methods are to be registered.
- See Also:
- createPropertyChangeListener
createVetoableChangeListener
public DipVetoableChangeListener[] createVetoableChangeListener(Object imp,
String methods[])
- Registers methods to call before the dippable bean
property changed method is called. These methods can prevent the dippable
bean method from being called by throwing the appropriate exception.
The Session Authentication Dip registers a method for all
of the dippable bean property changed methods. Until authentication is successful,
this dip vetos all property changed methods, preventing any state change in
the dippable bean.
The same Session Authentication dip method is registered for all
the dippable bean
vetoable methods. This method vetos the property set and get
methods
if authentication has not been successful, or returns otherwise.
- Parameters:
- imp - The Session Authentication Dip implementation returned from
createImplementation.
- methods[] - An array of property changed methods in the dippable bean.
- Returns:
- An array of methods to call before the dippable bean corresponding method.
- See Also:
- createVetoableChangeListener
createMethodCallListener
public DipMethodCallListener[] createMethodCallListener(Object imp,
String methods[])
- Registers methods to call after the dippable bean
method is called. The Session Authentication Dip only
registers a method for the dippable bean's readObject method. This is
the point at which the Session Authentication dip attempts to authenticate
the dippable bean.
If authentication is unsuccessful, then all subsequent properties, methods, and events
are vetoed by this dip.
- Parameters:
- imp - The Session Authentication Dip implementation returned from
createImplementation.
- methods[] - An array of property changed methods in the dippable bean.
- Returns:
- An array of nulls except for the element corresponding to the
dippable bean's readObject method.
- See Also:
- createMethodCallListener
createVetoableMethodListener
public DipVetoableMethodListener[] createVetoableMethodListener(Object imp,
String methods[])
- Registers methods to call before the dippable bean
method is called. These dip methods can prevent the dippable
bean method from being called by throwing the appropriate exception.
The Session Authentication Dip registers methods for all
of the dippable bean methods with the exception of:
- writeObject
-
Vetoing a writeObject call would prevent a bean that contained the dippable bean from
being serialized correctly. If the dippable bean's writeObject was not called,
a subsequent readObject on the containing bean could not de-serialize the
dippable bean.
- finalize
-
Because finalize is called when the dippable bean is garbage collected, it should not be
vetoed. It may contain important resource releasing logic or other cleanup logic.
- readObject and the dippable bean constructor
-
Because the dippable bean does not exist until these methods complete, they are
not vetoable.
The same Session Authentication method is registered for all the dippable bean
vetoable methods. This method vetos the dippable bean method by throwing
the appropriate exception if
authentication has not been successful, or returns otherwise.
- Parameters:
- imp - The Session Authentication Dip implementation returned from
the createImplementation method.
- methods[] - An array of methods in the dippable bean.
- Returns:
- An array of methods to call before the dippable bean's corresponding method.
- See Also:
- createVetoableMethodListener
createEventFireListener
public DipEventFireListener[] createEventFireListener(Object imp,
String methods[])
- Registers methods to call after the dippable bean
event method is called. The Session Authentication Dip does
not register any methods for the dippable bean event methods.
- Parameters:
- imp - The Session Authentication Dip implementation returned from
createImplementation.
- methods[] - An array of event methods in the dippable bean.
- Returns:
- null indicating that no event methods are intercepted.
- See Also:
- createEventFireListener
createVetoableEventListener
public DipVetoableEventListener[] createVetoableEventListener(Object imp,
String methods[])
- Registers methods to call before the dippable bean
event method is called. These dip methods can prevent the dippable
bean event method from being called by throwing the appropriate exception.
The Session Authentication Dip registers a method for all
of the dippable bean event methods. Until authentication is successful,
this dip vetos all event methods, preventing events from being
fired by the dippable bean.
The same Session Authentication dip method is registered for all
the dippable bean's
vetoable methods. This method vetos the event
if authentication has not been successful, or returns otherwise.
- Parameters:
- imp - The Session Authentication Dip implementation returned from
the createImplementation method.
- methods[] - An array of event methods in the dippable bean.
- Returns:
- An array of methods to call before the dippable bean corresponding method.
- See Also:
- createVetoableEventListener
All Packages Class Hierarchy This Package Previous Next Index