org.apache.turbine.modules.screens
Class JSONSecureScreen
java.lang.Object
org.apache.turbine.modules.Assembler
org.apache.turbine.modules.Screen
org.apache.turbine.modules.screens.RawScreen
org.apache.turbine.modules.screens.JSONScreen
org.apache.turbine.modules.screens.JSONSecureScreen
- public abstract class JSONSecureScreen
- extends JSONScreen
An extension to JSONScreen that performs a Security Check before invoking
doBuildTemplate(). You should extend this class and add the specific
security check needed. If you have a number of screens that need to perform
the same check, you could make a base screen by extending this class and
implementing the isAuthorized(). Then each screen that needs to perform the
same check could extend your base screen.
Typically you would extend this class and override the doOutput() method
to use TurbineJsonRpc to register the POJOs that will provide the functions
you are making available via JSON-RPC. Use JSONScreen if you
do not
need the user to be logged in prior to executing the functions you provide.
Here is an example from a superclass:
public void doOutput(RunData data) throws Exception
{
User user = data.getUser();
MySecureJsonFunctions myFunctions
= new MySecureJsonFunctions(user.getName());
// Session specific
TurbineJsonRpc.registerObject(data.getSession(), "myFunctions", myFunctions);
// Global
//TurbineJsonRpc.registerObjectGlobal("testGlobal", testObject);
super.doOutput(data);
}
The class MyFunctions would be something like:
public class MySecureJsonFunctions
{
private final String name;
public MySecureJsonFunctions(String name)
{
this.name = name;
}
private String getName(String clientParameter)
{
return "Client " + clientParameter + " says Hello World to " + name;
}
}
- Version:
- $Id$
- Author:
- Scott Eade
Method Summary |
protected void |
doOutput(RunData data)
This method overrides the method in JSONScreen to perform a security
check prior to producing the output. |
protected abstract boolean |
isAuthorized(RunData data)
Override this method to perform the necessary security checks. |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
JSONSecureScreen
public JSONSecureScreen()
doOutput
protected void doOutput(RunData data)
throws java.lang.Exception
- This method overrides the method in JSONScreen to perform a security
check prior to producing the output.
- Overrides:
doOutput
in class JSONScreen
- Parameters:
data
- Turbine information.
- Throws:
Exception,
- a generic exception.
java.lang.Exception
isAuthorized
protected abstract boolean isAuthorized(RunData data)
throws java.lang.Exception
- Override this method to perform the necessary security checks.
- Parameters:
data
- Turbine information.
- Returns:
true
if the user is authorized to access the screen.
- Throws:
java.lang.Exception
- A generic exception.
Copyright © 2000-2008 Apache Software Foundation. All Rights Reserved.