/**
 * Resolve the phases at which security restrictions are enforced for a view.
 * <p>
 * A {@code @RestrictAtPhase} registered for the view id in the view config store
 * takes precedence. When none is found, or it yields no value, the global
 * {@code RestrictAtPhaseDefault.DEFAULT_PHASES} are used instead.
 * <p>
 * The fallback hands back the shared {@code DEFAULT_PHASES} array itself, not a
 * copy, so callers must treat the result as read-only: writing to it would change
 * the enforcement phases for every view that relies on the defaults.
 *
 * @param viewId id of the view whose configuration is consulted
 * @return the phases at which restrictions apply for the view
 */
public PhaseIdType[] getDefaultPhases(String viewId) {
    RestrictAtPhase phaseOverride = viewConfigStore.getAnnotationData(viewId, RestrictAtPhase.class);
    PhaseIdType[] phases = (phaseOverride == null) ? null : phaseOverride.value();
    // No per-view override (or an override without a value): use the global defaults.
    return (phases != null) ? phases : RestrictAtPhaseDefault.DEFAULT_PHASES;
}
/**
 * Send an unauthenticated request to the view configured with {@code @LoginView}.
 * If no {@code @LoginView} is defined for the current view, answer with a 401
 * status and end the request instead.
 * <p>
 * A {@link PreLoginEvent} carrying the session map is fired first, before any
 * navigation decision is made. Per the original description this is how the view
 * id the user asked for ends up in the session for use after a successful login;
 * the storing itself is not done in this method.
 *
 * @param context the current faces context
 * @param viewRoot root of the view that triggered the login requirement
 */
private void redirectToLoginPage(FacesContext context, UIViewRoot viewRoot) {
    Map<String, Object> sessionMap = context.getExternalContext().getSessionMap();
    // Observers run before the login view is resolved, so they see the request
    // even when it ends in a bare 401.
    preLoginEvent.fire(new PreLoginEvent(context, sessionMap));

    LoginView loginView = viewConfigStore.getAnnotationData(viewRoot.getViewId(), LoginView.class);
    String loginViewId = (loginView == null) ? null : loginView.value();

    if (loginViewId != null && !loginViewId.isEmpty()) {
        log.debugf("Redirecting to configured LoginView %s", loginViewId);
        // The configured view id is passed as the navigation outcome.
        NavigationHandler navHandler = context.getApplication().getNavigationHandler();
        navHandler.handleNavigation(context, "", loginViewId);
        // Skip the remaining phases so the restricted view is not processed further.
        context.renderResponse();
    } else {
        // NOTE(review): no WWW-Authenticate header is set alongside the 401 here;
        // confirm whether the container or a filter supplies one.
        log.debug("Returning 401 response (login required)");
        context.getExternalContext().setResponseStatus(401);
        // End the lifecycle: nothing of the restricted view may be rendered.
        context.responseComplete();
    }
}
/**
 * Send a request that failed an authorization check to the view configured with
 * {@code @AccessDeniedView}. If no {@code @AccessDeniedView} is defined for the
 * current view, answer with a 401 status and end the request instead.
 * <p>
 * NOTE(review): redirectToLoginPage also answers 401 for "login required", so a
 * client cannot tell "not authenticated" from "authenticated but not permitted"
 * by status alone. 403 is the conventional status for the latter; confirm with
 * client owners before changing it, since the 401 is documented behaviour.
 *
 * @param context the current faces context
 * @param viewRoot root of the view to which access was denied
 */
private void redirectToAccessDeniedView(FacesContext context, UIViewRoot viewRoot) {
    AccessDeniedView accessDeniedView =
            viewConfigStore.getAnnotationData(viewRoot.getViewId(), AccessDeniedView.class);
    String accessDeniedViewId = (accessDeniedView == null) ? null : accessDeniedView.value();

    if (accessDeniedViewId != null && !accessDeniedViewId.isEmpty()) {
        log.debugf("Redirecting to configured AccessDenied %s", accessDeniedViewId);
        // The configured view id is passed as the navigation outcome.
        NavigationHandler navHandler = context.getApplication().getNavigationHandler();
        navHandler.handleNavigation(context, "", accessDeniedViewId);
        // Skip the remaining phases so the denied view is not processed further.
        context.renderResponse();
    } else {
        log.debug("Returning 401 response (access denied)");
        context.getExternalContext().setResponseStatus(401);
        // End the lifecycle: nothing of the denied view may be rendered.
        context.responseComplete();
    }
}
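/**
 * Retrieve the annotations from the ViewConfigStore that are qualified by
 * {@code @SecurityBindingType} and that apply to the given view id in the given
 * JSF phase.
 * <p>
 * The result is {@code null}, not an empty list, when no restriction applies;
 * the list is only allocated once a match is found. Callers must null-check
 * before iterating.
 * <p>
 * A {@code null} list from the store is deliberately not mapped to "no
 * restrictions": it surfaces as a {@link NullPointerException}, as before,
 * rather than being reported as a view with nothing to enforce.
 *
 * @param currentPhase the phase being processed
 * @param viewId id of the view whose restrictions are looked up
 * @return restrictions applicable to this view id and phase, or {@code null} if
 *         there are none
 */
public List<? extends Annotation> getRestrictionsForPhase(PhaseIdType currentPhase, String viewId) {
    List<? extends Annotation> allSecurityAnnotations =
            viewConfigStore.getAllQualifierData(viewId, SecurityBindingType.class);
    if (allSecurityAnnotations.isEmpty()) {
        // Nothing to check; also avoids the default-phase lookup below.
        return null;
    }

    // The default phases depend only on the view id, so resolve them once
    // instead of once per annotation.
    PhaseIdType[] defaultPhases = getDefaultPhases(viewId);

    List<Annotation> applicableSecurityAnnotations = null;
    for (Annotation annotation : allSecurityAnnotations) {
        if (isAnnotationApplicableToPhase(annotation, currentPhase, defaultPhases)) {
            if (applicableSecurityAnnotations == null) {
                // avoid spawning arrays at all phases of the lifecycle
                applicableSecurityAnnotations = new ArrayList<Annotation>();
            }
            applicableSecurityAnnotations.add(annotation);
        }
    }
    return applicableSecurityAnnotations;
}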