deltaspike-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rafab...@apache.org
Subject svn commit: r1615661 - /deltaspike/site/trunk/content/security.mdtext
Date Mon, 04 Aug 2014 16:41:38 GMT
Author: rafabene
Date: Mon Aug  4 16:41:38 2014
New Revision: 1615661

URL: http://svn.apache.org/r1615661
Log:
DELTASPIKE-677 - document ds-security to Make intitially requested and secured page available
for redirect after login

Modified:
    deltaspike/site/trunk/content/security.mdtext

Modified: deltaspike/site/trunk/content/security.mdtext
URL: http://svn.apache.org/viewvc/deltaspike/site/trunk/content/security.mdtext?rev=1615661&r1=1615660&r2=1615661&view=diff
==============================================================================
--- deltaspike/site/trunk/content/security.mdtext (original)
+++ deltaspike/site/trunk/content/security.mdtext Mon Aug  4 16:41:38 2014
@@ -231,7 +231,7 @@ This interface is (besides the `Secured`
         public Set<SecurityViolation> checkPermission(AccessDecisionVoterContext accessDecisionVoterContext)
         {
             Method method = accessDecisionVoterContext.<InvocationContext>getSource().getMethod();
-    
+
             //...
         }
     }
@@ -259,7 +259,7 @@ Example:
             violations.add(newSecurityViolation("access not allowed due to ..."));
         }
     }
-    
+
 
 ## @Secured and Stereotypes with custom Meta-data
 
@@ -274,7 +274,7 @@ Stereotype support of @Secured:
     {
       //...
     }
-    
+
     //...
     @Stereotype
     @Secured(RoleAccessDecisionVoter.class)
@@ -293,7 +293,7 @@ Stereotype of @Secured with custom meta-
     {
       //...
     }
-    
+
     //...
     @Stereotype
     @Secured(RoleAccessDecisionVoter.class)
@@ -301,12 +301,12 @@ Stereotype of @Secured with custom meta-
     {
       int securityLevel();
     }
-    
+
     @ApplicationScoped
     public class RoleAccessDecisionVoter implements AccessDecisionVoter
     {
         private static final long serialVersionUID = -8007511215776345835L;
-    
+
         public Set<SecurityViolation> checkPermission(AccessDecisionVoterContext voterContext)
         {
             Admin admin = voterContext.getMetaDataFor(Admin.class.getName(), Admin.class);
@@ -327,7 +327,7 @@ DeltaSpike can be combined with pure CDI
     public class LoginService implements Serializable {
 
         @Inject
-        private Event<UserLoggedInEvent> userLoggedInEvent; 
+        private Event<UserLoggedInEvent> userLoggedInEvent;
 
         public Usuario login(String username, char[] password) {
             //do the loggin process
@@ -335,7 +335,7 @@ DeltaSpike can be combined with pure CDI
         }
 
     }
-    
+
 2. Use @SessionScoped or @WindowScoped for AdminAccessDecisionVoter and store the denied
page on your own.
 
     :::java
@@ -344,7 +344,7 @@ DeltaSpike can be combined with pure CDI
 
         @Inject
         private ViewConfigResolver viewConfigResolver;
-        
+
         private Class<? extends ViewConfig> deniedPage = Pages.Home.class;
 
         @Override
@@ -365,24 +365,24 @@ DeltaSpike can be combined with pure CDI
             }
         }
     }
-    
-3. And in AuthenticationListener you inject AdminAccessDecisionVoter    
+
+3. And in AuthenticationListener you inject AdminAccessDecisionVoter
 
     :::java
     public class AuthenticationListener {
-    
+
         @Inject
         private ViewNavigationHandler viewNavigationHandler;
-    
+
         @Inject
         private AdminAccessDecisionVoter adminAccessDecisionVoter;
-    
+
         public void handleLoggedIn(@Observes UserLoggedInEvent event) {
             this.viewNavigationHandler.navigateTo(adminAccessDecisionVoter.getDeniedPage());
         }
 
     }
-    
+
 ## PicketLink Implementation to redirect the login to the first denied page
 
 Once that PicketLink handles the authentication for you, you only need to store the denied
page and observe PicketLink `LoggedInEvent` to redirect you back to the denied page.
@@ -420,24 +420,24 @@ Once that PicketLink handles the authent
             }
         }
     }
-    
-2. And in AuthenticationListener you inject AdminAccessDecisionVoter    
+
+2. And in AuthenticationListener you inject AdminAccessDecisionVoter
 
     :::java
     public class AuthenticationListener {
-    
+
         @Inject
         private ViewNavigationHandler viewNavigationHandler;
-    
+
         @Inject
         private AdminAccessDecisionVoter adminAccessDecisionVoter;
-    
+
         public void handleLoggedIn(@Observes LoggedInEvent event) {
             this.viewNavigationHandler.navigateTo(adminAccessDecisionVoter.getDeniedPage());
         }
 
-    }    
-    
+    }
+
 # AccessDecisionVoterContext
 
 Because the `AccessDecisionVoter` can be chained, `AccessDecisionVoterContext` allows to
get the current state as well as the results of the security check.
@@ -448,7 +448,7 @@ There are several methods that can be us
 - `getViolations()` - Exposes the found violations
 - `getSource()` - Exposes e.g. the current instance of `javax.interceptor.InvocationContext`
in combination with `@Secured` used as interceptor.
 - `getMetaData()` - Exposes the found meta-data e.g. the view-config-class if `@Secured`
is used in combination with type-safe view-configs
-- `getMetaDataFor(String, Class<T>)` - Exposes meta-data for the given key 
+- `getMetaDataFor(String, Class<T>)` - Exposes meta-data for the given key
 
 ## SecurityStrategy SPI
 



Mime
View raw message