org.securityfilter.config
Class SecurityConfig

java.lang.Object
  org.securityfilter.config.SecurityConfig

public class SecurityConfig

extends Object

SecurityConfig gathers information from the security-config.xml file to be used by the filter.

Version:

$Revision: 1.1 $ $Date: 2004/07/03 20:53:45 $

Author:

Torgeir Veimo (torgeir@pobox.com), Max Cooper (max@maxcooper.com), Daya Sharma (iamdaya@yahoo.com, billydaya@sbcglobal.net)

Constructor Summary

SecurityConfig(boolean validating)
Constructor that takes the validating flag and debug level to be used while parsing.

Method Summary

void	addRealm(Object realm) Adds a realm to use for authentication.
void	addSecurityConstraint(SecurityConstraint constraint) Adds a SecurityConstraint.
String	getAuthMethod() Get the authentication method being used to challenge the user.
String	getDefaultPage() Return the default page URL.
String	getErrorPage() Return the error page URL.
String	getLoginPage() Return the login page URL.
SecurityRealmInterface	getRealm() Return the realm to use for authentication.
String	getRealmName() Get the authentication realm name.
List	getSecurityConstraints() Return the configured SecurityConstraints.
void	loadConfig(URL configURL) Loads configuration from the specifued configURL.
protected void	registerLocalDTDs(org.apache.commons.digester.Digester digester) Register local copies of the SecurityFilter DTD files.
void	setAuthMethod(String authMethod) Set the authentication method being used to challenge the user.
void	setDefaultPage(String defaultPage) Set the default page URL.
void	setErrorPage(String errorPage) Set the error page URL.
void	setLoginPage(String loginPage) Set the login page URL.
void	setRealmName(String realmName) Set the authentication realm name.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SecurityConfig

public SecurityConfig(boolean validating)

Constructor that takes the validating flag and debug level to be used while parsing.

Parameters:

validating - validate the input file, true = validate, false = don't validate

Method Detail

getLoginPage

public String getLoginPage()

Return the login page URL.

setLoginPage

public void setLoginPage(String loginPage)

Set the login page URL. This is the page the user will be sent to to log in (i.e. the login form).

Parameters:

loginPage - The login page url (relative to site root)

getErrorPage

public String getErrorPage()

Return the error page URL.

setErrorPage

public void setErrorPage(String errorPage)

Set the error page URL. This is the page the user will be sent to if login request fails.

Parameters:

errorPage - The login page URL (relative to site root)

getDefaultPage

public String getDefaultPage()

Return the default page URL.

setDefaultPage

public void setDefaultPage(String defaultPage)

Set the default page URL. This is the page the user will be sent to if they submit a login request without being forced to the login page by the filter.

Parameters:

defaultPage - The default page URL (relative to site root)

getAuthMethod

public String getAuthMethod()

Get the authentication method being used to challenge the user. Currently, only BASIC and FORM based are supported.

Returns:

BASIC or FORM

setAuthMethod

public void setAuthMethod(String authMethod)

Set the authentication method being used to challenge the user. Currently, only BASIC and FORM based are supported.

Parameters:

authMethod - The authentication method to be used by the filter

getRealmName

public String getRealmName()

Get the authentication realm name. This is used for BASIC authentication.

Returns:

the realm-name configured by the application developer

setRealmName

public void setRealmName(String realmName)

Set the authentication realm name. This is used for BASIC authentication.

Parameters:

realmName - the realm name to be used for BASIC authentication

getRealm

public SecurityRealmInterface getRealm()

Return the realm to use for authentication. This is the outer-most realm if nested realms are used. The outer-most realm must be listed first in the configuration file.

addRealm

public void addRealm(Object realm)
              throws NoSuchMethodException,
                     IllegalAccessException,
                     InvocationTargetException

Adds a realm to use for authentication. The first time this method is called, the realm must implement SecurityRealmInterface. Subsequent calls can be any kind of object, and setRealm(realm) will be called on the last realm passed to this method. This allows nesting of realms for caching or when a realm adapter is used.

Parameters:

realm - The realm to use, or nest in deeper realm

Throws:

NoSuchMethodException

IllegalAccessException

InvocationTargetException

getSecurityConstraints

public List getSecurityConstraints()

Return the configured SecurityConstraints.

addSecurityConstraint

public void addSecurityConstraint(SecurityConstraint constraint)

Adds a SecurityConstraint.

Parameters:

constraint - The SecurityConstraint to add

loadConfig

public void loadConfig(URL configURL)
                throws IOException,
                       SAXException

Loads configuration from the specifued configURL.

Parameters:

configURL - The url to load.

Throws:

IOException - if an input/output error occurs

SAXException - if the file has invalid xml syntax

registerLocalDTDs

protected void registerLocalDTDs(org.apache.commons.digester.Digester digester)

Register local copies of the SecurityFilter DTD files.

Parameters:

digester -