Search in sources :

Example 6 with SecurityViolation

use of org.apache.deltaspike.security.api.authorization.SecurityViolation in project deltaspike by apache.

the class LoggedInAccessDecisionVoter method checkPermission.

@Override
protected void checkPermission(AccessDecisionVoterContext context, Set<SecurityViolation> violations) {
    if (identity.isLoggedIn()) {
    // no violations, pass
    } else {
        violations.add(new SecurityViolation() {

            @Override
            public String getReason() {
                return "User must be logged in to access this resource";
            }
        });
        // remember the requested page
        deniedPage = viewConfigResolver.getViewConfigDescriptor(FacesContext.getCurrentInstance().getViewRoot().getViewId()).getConfigClass();
    }
}
Also used : SecurityViolation(org.apache.deltaspike.security.api.authorization.SecurityViolation)

Example 7 with SecurityViolation

use of org.apache.deltaspike.security.api.authorization.SecurityViolation in project deltaspike by apache.

the class SecurityUtils method addViolationsAsMessage.

private static void addViolationsAsMessage(Set<SecurityViolation> violations) {
    String message;
    for (SecurityViolation violation : violations) {
        //TODO discuss it (with CODI handling such messages was easier)
        message = violation.getReason();
        if (!isMessageAddedAlready(message)) {
            FacesMessage facesMessage = new FacesMessage(FacesMessage.SEVERITY_ERROR, message, message);
            FacesContext.getCurrentInstance().addMessage(null, facesMessage);
        }
    }
}
Also used : SecurityViolation(org.apache.deltaspike.security.api.authorization.SecurityViolation) FacesMessage(javax.faces.application.FacesMessage)

Aggregations

SecurityViolation (org.apache.deltaspike.security.api.authorization.SecurityViolation)7 HashSet (java.util.HashSet)3 AccessDecisionState (org.apache.deltaspike.security.api.authorization.AccessDecisionState)2 AccessDeniedException (org.apache.deltaspike.security.api.authorization.AccessDeniedException)2 Annotation (java.lang.annotation.Annotation)1 Set (java.util.Set)1 FacesMessage (javax.faces.application.FacesMessage)1 ViewConfig (org.apache.deltaspike.core.api.config.view.ViewConfig)1 AccessDecisionVoter (org.apache.deltaspike.security.api.authorization.AccessDecisionVoter)1 ErrorViewAwareAccessDeniedException (org.apache.deltaspike.security.api.authorization.ErrorViewAwareAccessDeniedException)1 Secured (org.apache.deltaspike.security.api.authorization.Secured)1 SecurityParameterValueRedefiner (org.apache.deltaspike.security.impl.authorization.SecurityParameterValueRedefiner)1 EditableAccessDecisionVoterContext (org.apache.deltaspike.security.spi.authorization.EditableAccessDecisionVoterContext)1