Jresearch Software Blog

Securing User Interfaces

Oct 22, 2009 by Ekaterina Gorshkova

In the previous posts I showed how to check authorization in a Java method. Now we'll consider how to secure part of the user interface.


The Flexess client integration tag library is provided as a set of tags for accessing the basic authorization operations of the com.jresearchsoft.uam.client.IAuthorizationManager.


The main tag is called check. This tag simply invokes the check method of the IAuthorizationManager. Below is an example of how it's used:

<flexess-client:check operation="list" 
            className="${sumRequestConst.USER_CLASS_NAME}"> 
    <jsp:attribute name="TRUE"> 
       <jsp:forward page="user/list.htm" /> 
    </jsp:attribute>
    <jsp:attribute name="FALSE">
         <jsp:forward page="editUser.htm">
             <jsp:param name="user.id" 
                        value="${sessionScope.FORM_AUTHENTICATION.userName}"/>
         </jsp:forward>
    </jsp:attribute>
</flexess-client:check>

If the check operation requires some attributes, they can be provided in two ways - as a java.util.Map in the attributeMap:


<flexess-client:check operation="list" 
                      className="${sumRequestConst.USER_CLASS_NAME}" 
                      attributeMap="${someScope.someName}"> 

... or with dynamic attributes:



<flexess-client:check operation="list" className="${sumRequestConst.USER_CLASS_NAME}" 
                      someAttributeName1="someAttributeValue1" 
                      someAttributeName2="someAttributeValue2">

« Previous day (Oct 21, 2009) | Main | Next day (Oct 23, 2009) »
 
corner-header-left-top corner-header-right-top

« October 2009
SunMonTueWedThuFriSat
    
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
       
Today

Links

Feeds

Navigation

 
corner-header-left-top corner-header-right-top
© 2008-2009 Jresearch Software s.r.o.