• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Need help - Authorization

 
Ranch Hand
Posts: 101
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,

I want to create a method to authorize a role for accessing forms in a desktop application.Method name is authorize(String actions).i need to check the permissions for the actions that i'm getting from other class. i have to compare the role and actions against that in the policy file. i need to make sure that the role has the necessary permissions to access those forms.

Also i'm stuck up in the folowing code.

permissionColection.implies(new PropertyPermission("name","action"));
What does name and action denotes ? Can i assign jar name or class name to "action" ??


Attaching the code:

import java.io.File;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.CodeSource;
import java.security.PermissionCollection;
import java.security.Policy;
import java.util.PropertyPermission;

public class ClientSecurityManager extends Policy
{

static String userRole;
public ClientSecurityManager()
{

}

/*
* Authenticate the user and stores the role in memory.
*/
public boolean authenticate(String userName,String password)
{
//Calls method of Jazn for doing authentication.
//return the boolean value as the result of authentication and role.
//userRole = role;
return true;
}

public boolean authorize(String action)
{

String action1 = " ";
URL codebase = null;

try {

//Get permissions for a directory
codebase = new File("action1").toURL();


} catch(MalformedURLException e) {
}

// Construct a code source with the code base
CodeSource cs = new CodeSource(codebase,null);

PermissionCollection pcoll = Policy.getPolicy().getPermissions(cs);
boolean permissionStatus = pcoll.implies(new PropertyPermission("name","action") );

return true;
}

public void refresh() {

}

public PermissionCollection getPermissions(CodeSource cs) {

PermissionCollection permissionCollection = null;

permissionCollection.add(new PropertyPermission("name","action"));


return permissionCollection;
}

}

I hope i could get some idea from you javaranchers....
 
Consider Paul's rocket mass heater.
reply
    Bookmark Topic Watch Topic
  • New Topic