|
|||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.apache.turbine.modules.Assembler org.apache.turbine.modules.Action org.apache.turbine.modules.actions.sessionvalidator.SessionValidator org.apache.turbine.modules.actions.sessionvalidator.TemplateSecureSessionValidator
SessionValidator that requires login for use with Template Services
like Velocity or WebMacro.
Templating services requires a different Session Validator
because of the way it handles screens. If you use the WebMacro or
Velocity Service with the DefaultSessionValidator, users will be able to
bypass login by directly addressing the template using
template/index.wm. This is because the Page class looks for the
keyword "template" in the Path information and if it finds it will
reset the screen using it's lookup mechanism and thereby bypass
Login.
Note that you will need to set the template.login property to the
login template.
Constructor Summary | |
TemplateSecureSessionValidator()
|
Method Summary | |
void |
doPerform(RunData data)
doPerform is virtually identical to DefaultSessionValidator except that it calls template methods instead of bare screen methods. |
Methods inherited from class org.apache.turbine.modules.Action |
perform |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
public TemplateSecureSessionValidator()
Method Detail |
public void doPerform(RunData data) throws TurbineException
setScreenTemplate
to
load the tr.props TEMPLATE_LOGIN instead of the default's
setScreen to TurbineConstants.SCREEN_LOGIN.
doPerform
in class Action
data
- Turbine information.
TurbineException
- The anonymous user could not be obtained
from the security serviceDefaultSessionValidator
|
|||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |