dhis2-devs team mailing list archive
-
dhis2-devs team
-
Mailing list archive
-
Message #04659
[Branch ~dhis2-devs-core/dhis2/trunk] Rev 1555: Wrote javadocs for the automatic access solution
------------------------------------------------------------
revno: 1555
committer: Lars Helge Oeverland <larshelge@xxxxxxxxx>
branch nick: trunk
timestamp: Thu 2010-03-04 21:36:59 +0100
message:
Wrote javadocs for the automatic access solution
modified:
dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/AbstractAutomaticAccessProvider.java
dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/AutomaticAccessProvider.java
dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/DatabaseAutomaticAccessProvider.java
dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/GhostAutomaticAccessProvider.java
dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/filter/AutomaticAccessFilter.java
--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk
Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription.
=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/AbstractAutomaticAccessProvider.java'
--- dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/AbstractAutomaticAccessProvider.java 2010-03-04 18:36:11 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/AbstractAutomaticAccessProvider.java 2010-03-04 20:36:59 +0000
@@ -36,6 +36,9 @@
import org.springframework.security.GrantedAuthorityImpl;
/**
+ * Abstract automatic access provider class. Delegates methods initialise() and
+ * access() to implementing classes.
+ *
* @author Torgeir Lorange Ostby
* @version $Id: AbstractAutomaticAccessProvider.java 6352 2008-11-20 15:49:52Z larshelg $
*/
@@ -66,7 +69,6 @@
protected abstract void initialise();
-
public final void init()
{
if ( isEnabled() )
@@ -79,7 +81,7 @@
// Support methods
// -------------------------------------------------------------------------
- protected boolean isEnabled()
+ private boolean isEnabled()
{
return ( userStore.getAllUsers().size() == 0);
}
=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/AutomaticAccessProvider.java'
--- dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/AutomaticAccessProvider.java 2009-03-03 16:46:36 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/AutomaticAccessProvider.java 2010-03-04 20:36:59 +0000
@@ -28,6 +28,9 @@
*/
/**
+ * This interface provides a mechanism for accessing the applications in situations
+ * where no users exist in the database.
+ *
* @author Torgeir Lorange Ostby
* @version $Id: AutomaticAccessProvider.java 3160 2007-03-24 20:15:06Z torgeilo $
*/
=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/DatabaseAutomaticAccessProvider.java'
--- dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/DatabaseAutomaticAccessProvider.java 2010-03-04 16:57:53 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/DatabaseAutomaticAccessProvider.java 2010-03-04 20:36:59 +0000
@@ -34,6 +34,8 @@
import org.hisp.dhis.user.UserCredentials;
/**
+ * This access provider will put a user with all granted authorities in the database.
+ *
* @author Torgeir Lorange Ostby
* @version $Id: DatabaseAutomaticAccessProvider.java 3513 2007-08-04 16:16:40Z
* torgeilo $
=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/GhostAutomaticAccessProvider.java'
--- dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/GhostAutomaticAccessProvider.java 2010-01-28 15:23:28 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/GhostAutomaticAccessProvider.java 2010-03-04 20:36:59 +0000
@@ -33,6 +33,10 @@
import org.springframework.security.userdetails.UserDetails;
/**
+ * This access provider will put an Authentication object with all GrantedAuthorities
+ * in the SecurityContext in any case. This means that any user will be authenticated
+ * and the login effectively bypassed.
+ *
* @author Torgeir Lorange Ostby
* @version $Id: GhostAutomaticAccessProvider.java 3160 2007-03-24 20:15:06Z torgeilo $
*/
=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/filter/AutomaticAccessFilter.java'
--- dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/filter/AutomaticAccessFilter.java 2009-03-03 16:46:36 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/filter/AutomaticAccessFilter.java 2010-03-04 20:36:59 +0000
@@ -42,6 +42,11 @@
import org.hisp.dhis.security.AutomaticAccessProvider;
/**
+ * This filter provides access to the system in situations where no users exists
+ * in the database. Access providers can be registered with the accessProviders map.
+ * The access provider to use must be defined as an init parameter in web.xml in
+ * the various web modules.
+ *
* @author Torgeir Lorange Ostby
* @version $Id: AutomaticAccessFilter.java 3160 2007-03-24 20:15:06Z torgeilo $
*/