DefaultSecurityService (Apache Turbine 4.0-M2 API)

java.lang.Object
- org.apache.turbine.services.BaseInitable
- - org.apache.turbine.services.BaseService
  - - org.apache.turbine.services.TurbineBaseService
    - - org.apache.turbine.services.security.DefaultSecurityService

All Implemented Interfaces:

Initable, SecurityService, Service
```
public class DefaultSecurityService
extends TurbineBaseService
implements SecurityService
```
This is a common subset of SecurityService implementation. Provided functionality includes:
- methods for retrieving User objects, that delegates functionality to the pluggable implementations of the User interface.
- synchronization mechanism for methods reading/modifying the security information, that guarantees that multiple threads may read the information concurrently, but threads that modify the information acquires exclusive access.
- implementation of convenience methods for retrieving security entities that maintain in-memory caching of objects for fast access.
Version:

$Id: DefaultSecurityService.java 1524210 2013-09-17 20:22:56Z tv $

Author:

Rafal Krzewski, Henning P. Schmiedehausen, Marco Knüttel, Quinton McCombs

Field Summary
- Fields inherited from class org.apache.turbine.services.BaseService
  configuration, name, serviceBroker
- Fields inherited from class org.apache.turbine.services.BaseInitable
  initableBroker, isInitialized
- Fields inherited from interface org.apache.turbine.services.security.SecurityService
  SERVICE_NAME, USER_MANAGER_DEFAULT, USER_MANAGER_KEY

Constructor Summary

Constructors
Constructor and Description

DefaultSecurityService()

Constructors
Constructor and Description
`DefaultSecurityService()`

Method Summary

Methods
Modifier and Type	Method and Description
`boolean`	`accountExists(String userName)` Check whether a specified user's account exists.
`boolean`	`accountExists(User user)` Check whether a specified user's account exists.
`<G extends org.apache.fulcrum.security.entity.Group> G`	`addGroup(G group)` Creates a new group with specified attributes.
`<P extends org.apache.fulcrum.security.entity.Permission> P`	`addPermission(P permission)` Creates a new permission with specified attributes.
`<R extends org.apache.fulcrum.security.entity.Role> R`	`addRole(R role)` Creates a new role with specified attributes.
`void`	`addUser(User user, String password)` Creates new user account with specified attributes.
`void`	`changePassword(User user, String oldPassword, String newPassword)` Change the password for an User.
`void`	`forcePassword(User user, String password)` Forcibly sets new password for an User.
`<A extends org.apache.fulcrum.security.acl.AccessControlList> A`	`getACL(User user)` Constructs an AccessControlList for a specific user.
`org.apache.fulcrum.security.util.GroupSet`	`getAllGroups()` Retrieves all groups defined in the system.
`org.apache.fulcrum.security.util.PermissionSet`	`getAllPermissions()` Retrieves all permissions defined in the system.
`org.apache.fulcrum.security.util.RoleSet`	`getAllRoles()` Retrieves all roles defined in the system.
`<U extends User> U`	`getAnonymousUser()` Constructs an User object to represent an anonymous user of the application.
`<U extends User> U`	`getAuthenticatedUser(String username, String password)` Authenticates an user, and constructs an User object to represent him/her.
`<G extends org.apache.fulcrum.security.entity.Group> G`	`getGlobalGroup()` Provides a reference to the Group object that represents the global group.
`<G extends org.apache.fulcrum.security.entity.Group> G`	`getGroupById(int id)` Retrieve a Group object with specified Id.
`<G extends org.apache.fulcrum.security.entity.Group> G`	`getGroupByName(String name)` Retrieve a Group object with specified name.
`<G extends org.apache.fulcrum.security.entity.Group> G`	`getGroupInstance()` Construct a blank Group object.
`<G extends org.apache.fulcrum.security.entity.Group> G`	`getGroupInstance(String groupName)` Construct a blank Group object.
`<P extends org.apache.fulcrum.security.entity.Permission> P`	`getPermissionById(int id)` Retrieve a Permission object with specified Id.
`<P extends org.apache.fulcrum.security.entity.Permission> P`	`getPermissionByName(String name)` Retrieve a Permission object with specified name.
`<P extends org.apache.fulcrum.security.entity.Permission> P`	`getPermissionInstance()` Construct a blank Permission object.
`<P extends org.apache.fulcrum.security.entity.Permission> P`	`getPermissionInstance(String permName)` Construct a blank Permission object.
`org.apache.fulcrum.security.util.PermissionSet`	`getPermissions(org.apache.fulcrum.security.entity.Role role)` Retrieves all permissions associated with a role.
`<R extends org.apache.fulcrum.security.entity.Role> R`	`getRoleById(int id)` Retrieve a Role object with specified Id.
`<R extends org.apache.fulcrum.security.entity.Role> R`	`getRoleByName(String name)` Retrieve a Role object with specified name.
`<R extends org.apache.fulcrum.security.entity.Role> R`	`getRoleInstance()` Construct a blank Role object.
`<R extends org.apache.fulcrum.security.entity.Role> R`	`getRoleInstance(String roleName)` Construct a blank Role object.
`<U extends User> U`	`getUser(String username)` Constructs an User object to represent a registered user of the application.
`<U extends User> U`	`getUserInstance()` Construct a blank User object.
`<U extends User> U`	`getUserInstance(String userName)` Construct a blank User object.
`UserManager`	`getUserManager()` Returns the configured UserManager.
`void`	`grant(org.apache.fulcrum.security.entity.Role role, org.apache.fulcrum.security.entity.Permission permission)` Grants a Role a Permission
`void`	`grant(User user, org.apache.fulcrum.security.entity.Group group, org.apache.fulcrum.security.entity.Role role)` Grant an User a Role in a Group.
`void`	`init()` Initializes the SecurityService, locating the appropriate UserManager This is a zero parameter variant which queries the Turbine Servlet for its config.
`boolean`	`isAnonymousUser(User user)` Checks whether a passed user object matches the anonymous user pattern according to the configured user manager
`protected void`	`lockExclusive()` Acquire an exclusive lock on the security information repository.
`protected void`	`lockShared()` Acquire a shared lock on the security information repository.
`void`	`removeGroup(org.apache.fulcrum.security.entity.Group group)` Removes a Group from the system.
`void`	`removePermission(org.apache.fulcrum.security.entity.Permission permission)` Removes a Permission from the system.
`void`	`removeRole(org.apache.fulcrum.security.entity.Role role)` Removes a Role from the system.
`void`	`removeUser(User user)` Removes an user account from the system.
`void`	`renameGroup(org.apache.fulcrum.security.entity.Group group, String name)` Renames an existing Group.
`void`	`renamePermission(org.apache.fulcrum.security.entity.Permission permission, String name)` Renames an existing Permission.
`void`	`renameRole(org.apache.fulcrum.security.entity.Role role, String name)` Renames an existing Role.
`void`	`revoke(org.apache.fulcrum.security.entity.Role role, org.apache.fulcrum.security.entity.Permission permission)` Revokes a Permission from a Role.
`void`	`revoke(User user, org.apache.fulcrum.security.entity.Group group, org.apache.fulcrum.security.entity.Role role)` Revoke a Role in a Group from an User.
`void`	`revokeAll(org.apache.fulcrum.security.entity.Role role)` Revokes all permissions from a Role.
`void`	`revokeAll(User user)` Revokes all roles from an User.
`void`	`saveOnSessionUnbind(User user)` Saves User data when the session is unbound.
`void`	`saveUser(User user)` Saves User's data in the permanent storage.
`protected void`	`unlockExclusive()` Release an exclusive lock on the security information repository.
`protected void`	`unlockShared()` Release a shared lock on the security information repository.

Methods inherited from class org.apache.turbine.services.TurbineBaseService
init, init, shutdown

Methods inherited from class org.apache.turbine.services.BaseService
getConfiguration, getName, getProperties, getServiceBroker, setName, setServiceBroker

Methods inherited from class org.apache.turbine.services.BaseInitable
getInit, getInitableBroker, setInit, setInitableBroker

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.apache.turbine.services.Service
getConfiguration, getName, getProperties, setName, setServiceBroker

Methods inherited from interface org.apache.turbine.services.Initable
getInit, init, setInitableBroker, shutdown

- Constructor Detail
 - DefaultSecurityService
```
public DefaultSecurityService()
```
- Method Detail
 - init
```
public void init()
 throws InitializationException
```
 Initializes the SecurityService, locating the appropriate UserManager This is a zero parameter variant which queries the Turbine Servlet for its config.
 
 Specified by:
 
 init in interface Initable
 
 Overrides:
 
 init in class TurbineBaseService
 
 Throws:
 
 InitializationException - Something went wrong in the init stage
 - getUserInstance
```
public  U getUserInstance()
 throws org.apache.fulcrum.security.util.UnknownEntityException
```
 Construct a blank User object.
 
 Specified by:
 
 getUserInstance in interface SecurityService
 
 Returns:
 an object implementing User interface.
 
 Throws:
 
 org.apache.fulcrum.security.util.UnknownEntityException - if the object could not be instantiated.
 - getUserInstance
```
public  U getUserInstance(String userName)
 throws org.apache.fulcrum.security.util.UnknownEntityException
```
 Construct a blank User object.
 
 Specified by:
 
 getUserInstance in interface SecurityService
 
 Parameters:
 userName - The name of the user.
 
 Returns:
 an object implementing User interface.
 
 Throws:
 
 org.apache.fulcrum.security.util.UnknownEntityException - if the object could not be instantiated.
 - getGroupInstance
```
public <G extends org.apache.fulcrum.security.entity.Group> G getGroupInstance()
 throws org.apache.fulcrum.security.util.UnknownEntityException
```
 Construct a blank Group object.
 
 Specified by:
 
 getGroupInstance in interface SecurityService
 
 Returns:
 an object implementing Group interface.
 
 Throws:
 
 org.apache.fulcrum.security.util.UnknownEntityException - if the object could not be instantiated.
 - getGroupInstance
```
public <G extends org.apache.fulcrum.security.entity.Group> G getGroupInstance(String groupName)
 throws org.apache.fulcrum.security.util.UnknownEntityException
```
 Construct a blank Group object.
 
 Specified by:
 
 getGroupInstance in interface SecurityService
 
 Parameters:
 groupName - The name of the Group
 
 Returns:
 an object implementing Group interface.
 
 Throws:
 
 org.apache.fulcrum.security.util.UnknownEntityException - if the object could not be instantiated.
 - getPermissionInstance
```
public  P getPermissionInstance()
 throws org.apache.fulcrum.security.util.UnknownEntityException
```
 Construct a blank Permission object.
 
 Specified by:
 
 getPermissionInstance in interface SecurityService
 
 Returns:
 an object implementing Permission interface.
 
 Throws:
 
 org.apache.fulcrum.security.util.UnknownEntityException - if the object could not be instantiated.
 - getPermissionInstance
```
public  P getPermissionInstance(String permName)
 throws org.apache.fulcrum.security.util.UnknownEntityException
```
 Construct a blank Permission object.
 
 Specified by:
 
 getPermissionInstance in interface SecurityService
 
 Parameters:
 permName - The name of the permission.
 
 Returns:
 an object implementing Permission interface.
 
 Throws:
 
 org.apache.fulcrum.security.util.UnknownEntityException - if the object could not be instantiated.
 - getRoleInstance
```
public <R extends org.apache.fulcrum.security.entity.Role> R getRoleInstance()
 throws org.apache.fulcrum.security.util.UnknownEntityException
```
 Construct a blank Role object.
 
 Specified by:
 
 getRoleInstance in interface SecurityService
 
 Returns:
 an object implementing Role interface.
 
 Throws:
 
 org.apache.fulcrum.security.util.UnknownEntityException - if the object could not be instantiated.
 - getRoleInstance
```
public <R extends org.apache.fulcrum.security.entity.Role> R getRoleInstance(String roleName)
 throws org.apache.fulcrum.security.util.UnknownEntityException
```
 Construct a blank Role object.
 
 Specified by:
 
 getRoleInstance in interface SecurityService
 
 Parameters:
 roleName - The name of the role.
 
 Returns:
 an object implementing Role interface.
 
 Throws:
 
 org.apache.fulcrum.security.util.UnknownEntityException - if the object could not be instantiated.
 - getUserManager
```
public UserManager getUserManager()
```
 Returns the configured UserManager.
 
 Specified by:
 
 getUserManager in interface SecurityService
 
 Returns:
 An UserManager object
 - accountExists
```
public boolean accountExists(User user)
 throws org.apache.fulcrum.security.util.DataBackendException
```
 Check whether a specified user's account exists. The login name is used for looking up the account.
 
 Specified by:
 
 accountExists in interface SecurityService
 
 Parameters:
 user - The user to be checked.
 
 Returns:
 true if the specified account exists
 
 Throws:
 
 org.apache.fulcrum.security.util.DataBackendException - if there was an error accessing the data backend.
 - accountExists
```
public boolean accountExists(String userName)
 throws org.apache.fulcrum.security.util.DataBackendException
```
 Check whether a specified user's account exists. The login name is used for looking up the account.
 
 Specified by:
 
 accountExists in interface SecurityService
 
 Parameters:
 userName - The name of the user to be checked.
 
 Returns:
 true if the specified account exists
 
 Throws:
 
 org.apache.fulcrum.security.util.DataBackendException - if there was an error accessing the data backend.
 - getAuthenticatedUser
```
public  U getAuthenticatedUser(String username,
 String password)
 throws org.apache.fulcrum.security.util.DataBackendException,
 org.apache.fulcrum.security.util.UnknownEntityException,
 org.apache.fulcrum.security.util.PasswordMismatchException
```
 Authenticates an user, and constructs an User object to represent him/her.
 
 Specified by:
 
 getAuthenticatedUser in interface SecurityService
 
 Parameters:
 username - The user name.
 password - The user password.
 
 Returns:
 An authenticated Turbine User.
 
 Throws:
 
 org.apache.fulcrum.security.util.PasswordMismatchException - if the supplied password was incorrect.
 
 org.apache.fulcrum.security.util.UnknownEntityException - if the user's account does not exist in the database.
 
 org.apache.fulcrum.security.util.DataBackendException - if there is a problem accessing the storage.
 - getUser
```
public  U getUser(String username)
 throws org.apache.fulcrum.security.util.DataBackendException,
 org.apache.fulcrum.security.util.UnknownEntityException
```
 Constructs an User object to represent a registered user of the application.
 
 Specified by:
 
 getUser in interface SecurityService
 
 Parameters:
 username - The user name.
 
 Returns:
 A Turbine User.
 
 Throws:
 
 org.apache.fulcrum.security.util.UnknownEntityException - if the user's account does not exist
 
 org.apache.fulcrum.security.util.DataBackendException - if there is a problem accessing the storage.
 - getAnonymousUser
```
public  U getAnonymousUser()
 throws org.apache.fulcrum.security.util.UnknownEntityException
```
 Constructs an User object to represent an anonymous user of the application.
 
 Specified by:
 
 getAnonymousUser in interface SecurityService
 
 Returns:
 An anonymous Turbine User.
 
 Throws:
 
 org.apache.fulcrum.security.util.UnknownEntityException - if the implementation of User interface could not be determined, or does not exist.
 - isAnonymousUser
```
public boolean isAnonymousUser(User user)
```
 Checks whether a passed user object matches the anonymous user pattern according to the configured user manager
 
 Specified by:
 
 isAnonymousUser in interface SecurityService
 
 Parameters:
 user - An user object
 
 Returns:
 True if this is an anonymous user
 - saveUser
```
public void saveUser(User user)
 throws org.apache.fulcrum.security.util.UnknownEntityException,
 org.apache.fulcrum.security.util.DataBackendException
```
 Saves User's data in the permanent storage. The user account is required to exist in the storage.
 
 Specified by:
 
 saveUser in interface SecurityService
 
 Parameters:
 user - the User object to save
 
 Throws:
 
 org.apache.fulcrum.security.util.UnknownEntityException - if the user's account does not exist in the database.
 
 org.apache.fulcrum.security.util.DataBackendException - if there is a problem accessing the storage.
 - saveOnSessionUnbind
```
public void saveOnSessionUnbind(User user)
 throws org.apache.fulcrum.security.util.UnknownEntityException,
 org.apache.fulcrum.security.util.DataBackendException
```
 Saves User data when the session is unbound. The user account is required to exist in the storage. LastLogin, AccessCounter, persistent pull tools, and any data stored in the permData hashtable that is not mapped to a column will be saved.
 
 Specified by:
 
 saveOnSessionUnbind in interface SecurityService
 
 Parameters:
 user - the user object
 
 Throws:
 
 org.apache.fulcrum.security.util.UnknownEntityException - if the user's account does not exist in the database.
 
 org.apache.fulcrum.security.util.DataBackendException - if there is a problem accessing the storage.
 - addUser
```
public void addUser(User user,
 String password)
 throws org.apache.fulcrum.security.util.DataBackendException,
 org.apache.fulcrum.security.util.EntityExistsException
```
 Creates new user account with specified attributes.
 
 Specified by:
 
 addUser in interface SecurityService
 
 Parameters:
 user - the object describing account to be created.
 password - The password to use for the account.
 
 Throws:
 
 org.apache.fulcrum.security.util.DataBackendException - if there was an error accessing the data backend.
 
 org.apache.fulcrum.security.util.EntityExistsException - if the user account already exists.
 - removeUser
```
public void removeUser(User user)
 throws org.apache.fulcrum.security.util.DataBackendException,
 org.apache.fulcrum.security.util.UnknownEntityException
```
 Removes an user account from the system.
 
 Specified by:
 
 removeUser in interface SecurityService
 
 Parameters:
 user - the object describing the account to be removed.
 
 Throws:
 
 org.apache.fulcrum.security.util.DataBackendException - if there was an error accessing the data backend.
 
 org.apache.fulcrum.security.util.UnknownEntityException - if the user account is not present.
 - changePassword
```
public void changePassword(User user,
 String oldPassword,
 String newPassword)
 throws org.apache.fulcrum.security.util.PasswordMismatchException,
 org.apache.fulcrum.security.util.UnknownEntityException,
 org.apache.fulcrum.security.util.DataBackendException
```
 Change the password for an User.
 
 Specified by:
 
 changePassword in interface SecurityService
 
 Parameters:
 user - an User to change password for.
 oldPassword - the current password supplied by the user.
 newPassword - the current password requested by the user.
 
 Throws:
 
 org.apache.fulcrum.security.util.PasswordMismatchException - if the supplied password was incorrect.
 
 org.apache.fulcrum.security.util.UnknownEntityException - if the user's record does not exist in the database.
 
 org.apache.fulcrum.security.util.DataBackendException - if there is a problem accessing the storage.
 - forcePassword
```
public void forcePassword(User user,
 String password)
 throws org.apache.fulcrum.security.util.UnknownEntityException,
 org.apache.fulcrum.security.util.DataBackendException
```
 Forcibly sets new password for an User. This is supposed by the administrator to change the forgotten or compromised passwords. Certain implementatations of this feature would require administrative level access to the authenticating server / program.
 
 Specified by:
 
 forcePassword in interface SecurityService
 
 Parameters:
 user - an User to change password for.
 password - the new password.
 
 Throws:
 
 org.apache.fulcrum.security.util.UnknownEntityException - if the user's record does not exist in the database.
 
 org.apache.fulcrum.security.util.DataBackendException - if there is a problem accessing the storage.
 - lockShared
```
protected void lockShared()
```
 Acquire a shared lock on the security information repository. Methods that read security information need to invoke this method at the beginning of their body.
 - unlockShared
```
protected void unlockShared()
```
 Release a shared lock on the security information repository. Methods that read security information need to invoke this method at the end of their body.
 - lockExclusive
```
protected void lockExclusive()
```
 Acquire an exclusive lock on the security information repository. Methods that modify security information need to invoke this method at the beginning of their body. Note! Those methods must be synchronized themselves!
 - unlockExclusive
```
protected void unlockExclusive()
```
 Release an exclusive lock on the security information repository. This method is provided only for completeness. It does not really do anything. Note! Methods that modify security information must be synchronized!
 - getGlobalGroup
```
public <G extends org.apache.fulcrum.security.entity.Group> G getGlobalGroup()
```
 Provides a reference to the Group object that represents the global group.
 
 Specified by:
 
 getGlobalGroup in interface SecurityService
 
 Returns:
 a Group object that represents the global group.
 - getGroupByName
```
public <G extends org.apache.fulcrum.security.entity.Group> G getGroupByName(String name)
 throws org.apache.fulcrum.security.util.DataBackendException,
 org.apache.fulcrum.security.util.UnknownEntityException
```
 Retrieve a Group object with specified name.
 
 Specified by:
 
 getGroupByName in interface SecurityService
 
 Parameters:
 name - the name of the Group.
 
 Returns:
 an object representing the Group with specified name.
 
 Throws:
 
 org.apache.fulcrum.security.util.DataBackendException - if there was an error accessing the data backend.
 
 org.apache.fulcrum.security.util.UnknownEntityException - if the group does not exist.
 - getGroupById
```
public <G extends org.apache.fulcrum.security.entity.Group> G getGroupById(int id)
 throws org.apache.fulcrum.security.util.DataBackendException,
 org.apache.fulcrum.security.util.UnknownEntityException
```
 Retrieve a Group object with specified Id.
 
 Specified by:
 
 getGroupById in interface SecurityService
 
 Parameters:
 id - the id of the Group.
 
 Returns:
 an object representing the Group with specified name.
 
 Throws:
 
 org.apache.fulcrum.security.util.UnknownEntityException - if the permission does not exist in the database.
 
 org.apache.fulcrum.security.util.DataBackendException - if there is a problem accessing the storage.
 - getRoleByName
```
public <R extends org.apache.fulcrum.security.entity.Role> R getRoleByName(String name)
 throws org.apache.fulcrum.security.util.DataBackendException,
 org.apache.fulcrum.security.util.UnknownEntityException
```
 Retrieve a Role object with specified name.
 
 Specified by:
 
 getRoleByName in interface SecurityService
 
 Parameters:
 name - the name of the Role.
 
 Returns:
 an object representing the Role with specified name.
 
 Throws:
 
 org.apache.fulcrum.security.util.DataBackendException - if there was an error accessing the data backend.
 
 org.apache.fulcrum.security.util.UnknownEntityException - if the role does not exist.
 - getRoleById
```
public <R extends org.apache.fulcrum.security.entity.Role> R getRoleById(int id)
 throws org.apache.fulcrum.security.util.DataBackendException,
 org.apache.fulcrum.security.util.UnknownEntityException
```
 Retrieve a Role object with specified Id.
 
 Specified by:
 
 getRoleById in interface SecurityService
 
 Parameters:
 id - the id of the Role.
 
 Returns:
 an object representing the Role with specified name.
 
 Throws:
 
 org.apache.fulcrum.security.util.UnknownEntityException - if the permission does not exist in the database.
 
 org.apache.fulcrum.security.util.DataBackendException - if there is a problem accessing the storage.
 - getPermissionByName
```
public  P getPermissionByName(String name)
 throws org.apache.fulcrum.security.util.DataBackendException,
 org.apache.fulcrum.security.util.UnknownEntityException
```
 Retrieve a Permission object with specified name.
 
 Specified by:
 
 getPermissionByName in interface SecurityService
 
 Parameters:
 name - the name of the Permission.
 
 Returns:
 an object representing the Permission with specified name.
 
 Throws:
 
 org.apache.fulcrum.security.util.DataBackendException - if there was an error accessing the data backend.
 
 org.apache.fulcrum.security.util.UnknownEntityException - if the permission does not exist.
 - getPermissionById
```
public  P getPermissionById(int id)
 throws org.apache.fulcrum.security.util.DataBackendException,
 org.apache.fulcrum.security.util.UnknownEntityException
```
 Retrieve a Permission object with specified Id.
 
 Specified by:
 
 getPermissionById in interface SecurityService
 
 Parameters:
 id - the id of the Permission.
 
 Returns:
 an object representing the Permission with specified name.
 
 Throws:
 
 org.apache.fulcrum.security.util.UnknownEntityException - if the permission does not exist in the database.
 
 org.apache.fulcrum.security.util.DataBackendException - if there is a problem accessing the storage.
 - getAllGroups
```
public org.apache.fulcrum.security.util.GroupSet getAllGroups()
 throws org.apache.fulcrum.security.util.DataBackendException
```
 Retrieves all groups defined in the system.
 
 Specified by:
 
 getAllGroups in interface SecurityService
 
 Returns:
 the names of all groups defined in the system.
 
 Throws:
 
 org.apache.fulcrum.security.util.DataBackendException - if there was an error accessing the data backend.
 - getAllRoles
```
public org.apache.fulcrum.security.util.RoleSet getAllRoles()
 throws org.apache.fulcrum.security.util.DataBackendException
```
 Retrieves all roles defined in the system.
 
 Specified by:
 
 getAllRoles in interface SecurityService
 
 Returns:
 the names of all roles defined in the system.
 
 Throws:
 
 org.apache.fulcrum.security.util.DataBackendException - if there was an error accessing the data backend.
 - getAllPermissions
```
public org.apache.fulcrum.security.util.PermissionSet getAllPermissions()
 throws org.apache.fulcrum.security.util.DataBackendException
```
 Retrieves all permissions defined in the system.
 
 Specified by:
 
 getAllPermissions in interface SecurityService
 
 Returns:
 the names of all roles defined in the system.
 
 Throws:
 
 org.apache.fulcrum.security.util.DataBackendException - if there was an error accessing the data backend.
 - getACL
```
public <A extends org.apache.fulcrum.security.acl.AccessControlList> A getACL(User user)
 throws org.apache.fulcrum.security.util.DataBackendException,
 org.apache.fulcrum.security.util.UnknownEntityException
```
 Constructs an AccessControlList for a specific user.
 
 Specified by:
 
 getACL in interface SecurityService
 
 Parameters:
 user - the user for whom the AccessControlList are to be retrieved
 
 Returns:
 The AccessControList object constructed from the user object.
 
 Throws:
 
 org.apache.fulcrum.security.util.DataBackendException - if there was an error accessing the data backend.
 
 org.apache.fulcrum.security.util.UnknownEntityException - if user account is not present.
 - grant
```
public void grant(User user,
 org.apache.fulcrum.security.entity.Group group,
 org.apache.fulcrum.security.entity.Role role)
 throws org.apache.fulcrum.security.util.DataBackendException,
 org.apache.fulcrum.security.util.UnknownEntityException
```
 Grant an User a Role in a Group.
 
 Specified by:
 
 grant in interface SecurityService
 
 Parameters:
 user - the user.
 group - the group.
 role - the role.
 
 Throws:
 
 org.apache.fulcrum.security.util.DataBackendException - if there was an error accessing the data backend.
 
 org.apache.fulcrum.security.util.UnknownEntityException - if user account, group or role is not present.
 - revoke
```
public void revoke(User user,
 org.apache.fulcrum.security.entity.Group group,
 org.apache.fulcrum.security.entity.Role role)
 throws org.apache.fulcrum.security.util.DataBackendException,
 org.apache.fulcrum.security.util.UnknownEntityException
```
 Revoke a Role in a Group from an User.
 
 Specified by:
 
 revoke in interface SecurityService
 
 Parameters:
 user - the user.
 group - the group.
 role - the role.
 
 Throws:
 
 org.apache.fulcrum.security.util.DataBackendException - if there was an error accessing the data backend.
 
 org.apache.fulcrum.security.util.UnknownEntityException - if user account, group or role is not present.
 - revokeAll
```
public void revokeAll(User user)
 throws org.apache.fulcrum.security.util.DataBackendException,
 org.apache.fulcrum.security.util.UnknownEntityException
```
 Revokes all roles from an User. This method is used when deleting an account.
 
 Specified by:
 
 revokeAll in interface SecurityService
 
 Parameters:
 user - the User.
 
 Throws:
 
 org.apache.fulcrum.security.util.DataBackendException - if there was an error accessing the data backend.
 
 org.apache.fulcrum.security.util.UnknownEntityException - if the account is not present.
 - grant
```
public void grant(org.apache.fulcrum.security.entity.Role role,
 org.apache.fulcrum.security.entity.Permission permission)
 throws org.apache.fulcrum.security.util.DataBackendException,
 org.apache.fulcrum.security.util.UnknownEntityException
```
 Grants a Role a Permission
 
 Specified by:
 
 grant in interface SecurityService
 
 Parameters:
 role - the Role.
 permission - the Permission.
 
 Throws:
 
 org.apache.fulcrum.security.util.DataBackendException - if there was an error accessing the data backend.
 
 org.apache.fulcrum.security.util.UnknownEntityException - if role or permission is not present.
 - revoke
```
public void revoke(org.apache.fulcrum.security.entity.Role role,
 org.apache.fulcrum.security.entity.Permission permission)
 throws org.apache.fulcrum.security.util.DataBackendException,
 org.apache.fulcrum.security.util.UnknownEntityException
```
 Revokes a Permission from a Role.
 
 Specified by:
 
 revoke in interface SecurityService
 
 Parameters:
 role - the Role.
 permission - the Permission.
 
 Throws:
 
 org.apache.fulcrum.security.util.DataBackendException - if there was an error accessing the data backend.
 
 org.apache.fulcrum.security.util.UnknownEntityException - if role or permission is not present.
 - revokeAll
```
public void revokeAll(org.apache.fulcrum.security.entity.Role role)
 throws org.apache.fulcrum.security.util.DataBackendException,
 org.apache.fulcrum.security.util.UnknownEntityException
```
 Revokes all permissions from a Role. This method is user when deleting a Role.
 
 Specified by:
 
 revokeAll in interface SecurityService
 
 Parameters:
 role - the Role
 
 Throws:
 
 org.apache.fulcrum.security.util.DataBackendException - if there was an error accessing the data backend.
 
 org.apache.fulcrum.security.util.UnknownEntityException - if the Role is not present.
 - getPermissions
```
public org.apache.fulcrum.security.util.PermissionSet getPermissions(org.apache.fulcrum.security.entity.Role role)
 throws org.apache.fulcrum.security.util.DataBackendException,
 org.apache.fulcrum.security.util.UnknownEntityException
```
 Retrieves all permissions associated with a role.
 
 Specified by:
 
 getPermissions in interface SecurityService
 
 Parameters:
 role - the role name, for which the permissions are to be retrieved.
 
 Returns:
 the Permissions for the specified role
 
 Throws:
 
 org.apache.fulcrum.security.util.DataBackendException - if there was an error accessing the data backend.
 
 org.apache.fulcrum.security.util.UnknownEntityException - if the role is not present.
 - addGroup
```
public <G extends org.apache.fulcrum.security.entity.Group> G addGroup(G group)
 throws org.apache.fulcrum.security.util.DataBackendException,
 org.apache.fulcrum.security.util.EntityExistsException
```
 Creates a new group with specified attributes.
 
 Specified by:
 
 addGroup in interface SecurityService
 
 Parameters:
 group - the object describing the group to be created.
 
 Returns:
 the new Group object.
 
 Throws:
 
 org.apache.fulcrum.security.util.DataBackendException - if there was an error accessing the data backend.
 
 org.apache.fulcrum.security.util.EntityExistsException - if the group already exists.
 - addRole
```
public <R extends org.apache.fulcrum.security.entity.Role> R addRole(R role)
 throws org.apache.fulcrum.security.util.DataBackendException,
 org.apache.fulcrum.security.util.EntityExistsException
```
 Creates a new role with specified attributes.
 
 Specified by:
 
 addRole in interface SecurityService
 
 Parameters:
 role - the objects describing the role to be created.
 
 Returns:
 the new Role object.
 
 Throws:
 
 org.apache.fulcrum.security.util.DataBackendException - if there was an error accessing the data backend.
 
 org.apache.fulcrum.security.util.EntityExistsException - if the role already exists.
 - addPermission
```
public  P addPermission(P permission)
 throws org.apache.fulcrum.security.util.DataBackendException,
 org.apache.fulcrum.security.util.EntityExistsException
```
 Creates a new permission with specified attributes.
 
 Specified by:
 
 addPermission in interface SecurityService
 
 Parameters:
 permission - the objects describing the permission to be created.
 
 Returns:
 the new Permission object.
 
 Throws:
 
 org.apache.fulcrum.security.util.DataBackendException - if there was an error accessing the data backend.
 
 org.apache.fulcrum.security.util.EntityExistsException - if the permission already exists.
 - removeGroup
```
public void removeGroup(org.apache.fulcrum.security.entity.Group group)
 throws org.apache.fulcrum.security.util.DataBackendException,
 org.apache.fulcrum.security.util.UnknownEntityException
```
 Removes a Group from the system.
 
 Specified by:
 
 removeGroup in interface SecurityService
 
 Parameters:
 group - the object describing group to be removed.
 
 Throws:
 
 org.apache.fulcrum.security.util.DataBackendException - if there was an error accessing the data backend.
 
 org.apache.fulcrum.security.util.UnknownEntityException - if the group does not exist.
 - removeRole
```
public void removeRole(org.apache.fulcrum.security.entity.Role role)
 throws org.apache.fulcrum.security.util.DataBackendException,
 org.apache.fulcrum.security.util.UnknownEntityException
```
 Removes a Role from the system.
 
 Specified by:
 
 removeRole in interface SecurityService
 
 Parameters:
 role - The object describing the role to be removed.
 
 Throws:
 
 org.apache.fulcrum.security.util.DataBackendException - if there was an error accessing the data backend.
 
 org.apache.fulcrum.security.util.UnknownEntityException - if the role does not exist.
 - removePermission
```
public void removePermission(org.apache.fulcrum.security.entity.Permission permission)
 throws org.apache.fulcrum.security.util.DataBackendException,
 org.apache.fulcrum.security.util.UnknownEntityException
```
 Removes a Permission from the system.
 
 Specified by:
 
 removePermission in interface SecurityService
 
 Parameters:
 permission - The object describing the permission to be removed.
 
 Throws:
 
 org.apache.fulcrum.security.util.DataBackendException - if there was an error accessing the data backend.
 
 org.apache.fulcrum.security.util.UnknownEntityException - if the permission does not exist.
 - renameGroup
```
public void renameGroup(org.apache.fulcrum.security.entity.Group group,
 String name)
 throws org.apache.fulcrum.security.util.DataBackendException,
 org.apache.fulcrum.security.util.UnknownEntityException
```
 Renames an existing Group.
 
 Specified by:
 
 renameGroup in interface SecurityService
 
 Parameters:
 group - The object describing the group to be renamed.
 name - the new name for the group.
 
 Throws:
 
 org.apache.fulcrum.security.util.DataBackendException - if there was an error accessing the data backend.
 
 org.apache.fulcrum.security.util.UnknownEntityException - if the group does not exist.
 - renameRole
```
public void renameRole(org.apache.fulcrum.security.entity.Role role,
 String name)
 throws org.apache.fulcrum.security.util.DataBackendException,
 org.apache.fulcrum.security.util.UnknownEntityException
```
 Renames an existing Role.
 
 Specified by:
 
 renameRole in interface SecurityService
 
 Parameters:
 role - The object describing the role to be renamed.
 name - the new name for the role.
 
 Throws:
 
 org.apache.fulcrum.security.util.DataBackendException - if there was an error accessing the data backend.
 
 org.apache.fulcrum.security.util.UnknownEntityException - if the role does not exist.
 - renamePermission
```
public void renamePermission(org.apache.fulcrum.security.entity.Permission permission,
 String name)
 throws org.apache.fulcrum.security.util.DataBackendException,
 org.apache.fulcrum.security.util.UnknownEntityException
```
 Renames an existing Permission.
 
 Specified by:
 
 renamePermission in interface SecurityService
 
 Parameters:
 permission - The object describing the permission to be renamed.
 name - the new name for the permission.
 
 Throws:
 
 org.apache.fulcrum.security.util.DataBackendException - if there was an error accessing the data backend.
 
 org.apache.fulcrum.security.util.UnknownEntityException - if the permission does not exist.

Class DefaultSecurityService

Field Summary

Fields inherited from class org.apache.turbine.services.BaseService

Fields inherited from class org.apache.turbine.services.BaseInitable

Fields inherited from interface org.apache.turbine.services.security.SecurityService

Constructor Summary

Method Summary

Methods inherited from class org.apache.turbine.services.TurbineBaseService

Methods inherited from class org.apache.turbine.services.BaseService

Methods inherited from class org.apache.turbine.services.BaseInitable

Methods inherited from class java.lang.Object

Methods inherited from interface org.apache.turbine.services.Service

Methods inherited from interface org.apache.turbine.services.Initable

Constructor Detail

DefaultSecurityService

Method Detail

init

getUserInstance

getUserInstance

getGroupInstance

getGroupInstance

getPermissionInstance

getPermissionInstance

getRoleInstance

getRoleInstance

getUserManager

accountExists

accountExists

getAuthenticatedUser

getUser

getAnonymousUser

isAnonymousUser

saveUser

saveOnSessionUnbind

addUser

removeUser

changePassword

forcePassword

lockShared

unlockShared

lockExclusive

unlockExclusive

getGlobalGroup

getGroupByName

getGroupById

getRoleByName

getRoleById

getPermissionByName

getPermissionById

getAllGroups

getAllRoles

getAllPermissions

getACL

grant

revoke

revokeAll

grant

revoke

revokeAll

getPermissions

addGroup

addRole

addPermission

removeGroup

removeRole

removePermission

renameGroup

renameRole

renamePermission