org.gersteinlab.tyna.webapp.security
Class SecurityController

java.lang.Object
  extended by org.gersteinlab.tyna.webapp.security.SecurityController

public class SecurityController
extends java.lang.Object

        This class is responsible for the security of the web application. Some
        of its main tasks include performing user authentication, and checking
        object access permissions.
        

Version:
1.0 (October 1, 2005) Change History: 1.0 - Initial version
Author:
Kevin Yuk-Lap Yip

Field Summary
static char READ
          Read access mode.
protected  javax.servlet.http.HttpSession session
          The current HTTP session.
protected static java.lang.String USER
          Constant for getting the user information.
static char WRITE
          Write access mode.
 
Constructor Summary
SecurityController(javax.servlet.http.HttpSession session)
          Create a new object.
 
Method Summary
 void checkCategoryPermission(int categoryId, char mode)
          Check if the current user has the right to access a category.
 void checkNetworkPermission(int networkId, char mode)
          Check if the current user has the right to access a network.
protected  java.lang.Object getAttribute(java.lang.String name)
          Get the value of an attribute from session.
 User getUser()
          Get the information of the current user.
 void login(java.lang.String name, java.lang.String password)
          Login.
 void logout()
          Logout.
 void register(User user, java.lang.String password)
          Register for a new account.
protected  void removeAttribute(java.lang.String name)
          Remove the value of an attribute from session.
protected  void setAttribute(java.lang.String name, java.lang.Object value)
          Set the value of an attribute to session.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

READ

public static final char READ
Read access mode.

See Also:
Constant Field Values

WRITE

public static final char WRITE
Write access mode.

See Also:
Constant Field Values

session

protected javax.servlet.http.HttpSession session
The current HTTP session.


USER

protected static final java.lang.String USER
Constant for getting the user information.

See Also:
Constant Field Values
Constructor Detail

SecurityController

public SecurityController(javax.servlet.http.HttpSession session)
Create a new object.

Parameters:
session - The current HTTP session
Method Detail

login

public void login(java.lang.String name,
                  java.lang.String password)
           throws SecurityException
Login. If successful, the user information will be stored in session. Otherwise, an exception will be thrown.

Parameters:
name - The login name
password - The password
Throws:
SecurityException - If the login is not successful

register

public void register(User user,
                     java.lang.String password)
              throws SecurityException
Register for a new account. If successful, the user information will be stored in session. Otherwise, an exception will be thrown.

Parameters:
user - The information of the user
password - The password
Throws:
SecurityException - If the login is not successful

getUser

public User getUser()
Get the information of the current user.

Returns:
The user information if logged in,
null otherwise

logout

public void logout()
Logout.


checkNetworkPermission

public void checkNetworkPermission(int networkId,
                                   char mode)
                            throws SecurityException
Check if the current user has the right to access a network.

Parameters:
networkId - The ID of the network
mode - Access mode
Throws:
SecurityException - If the user does not have the right to access the network in the given mode.

checkCategoryPermission

public void checkCategoryPermission(int categoryId,
                                    char mode)
                             throws SecurityException
Check if the current user has the right to access a category.

Parameters:
categoryId - The ID of the category
mode - Access mode
Throws:
SecurityException - If the user does not have the right to access the category in the given mode.

getAttribute

protected java.lang.Object getAttribute(java.lang.String name)
Get the value of an attribute from session.

Parameters:
name - The attribute name
Returns:
The attribute value

setAttribute

protected void setAttribute(java.lang.String name,
                            java.lang.Object value)
Set the value of an attribute to session.

Parameters:
name - The attribute name
value - The attribute value

removeAttribute

protected void removeAttribute(java.lang.String name)
Remove the value of an attribute from session.

Parameters:
name - The attribute name