[Openutils-svn] SF.net SVN: openutils: [687] trunk/openutils-hibernate-security/src/main/ java/it/openutils/hibernate/security/aop/AOPSecurity.java

[<fc...@us...>]

Revision: 687
          http://openutils.svn.sourceforge.net/openutils/?rev=687&view=rev
Author:   fcarone
Date:     2008-02-25 01:15:35 -0800 (Mon, 25 Feb 2008)

Log Message:
-----------
new config variable for denyIfNoRulesFound added

Modified Paths:
--------------
    trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/aop/AOPSecurity.java

Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/aop/AOPSecurity.java
===================================================================
--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/aop/AOPSecurity.java	2008-02-22 16:13:02 UTC (rev 686)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/aop/AOPSecurity.java	2008-02-25 09:15:35 UTC (rev 687)
@@ -48,6 +48,8 @@
      */
     private Logger log = LoggerFactory.getLogger(AOPSecurity.class);
 
+    private boolean denyIfNoRulesFound = true;
+
     private SecurityRuleManager securityRuleManager;
 
     private List<String> securedDAOs;
@@ -105,11 +107,20 @@
                     grantedRoles += authorities[i].getAuthority() + " ";
                 }
                 log.warn(
-                    "No rules found. Access is denied on " + entity + ", for user {} with roles {}",
+                    "No rules found for " + entity + ", user {} with roles {}",
                     SecurityContextHolder.getContext().getAuthentication().getPrincipal().toString(),
                     grantedRoles);
             }
-            throw new SecurityException("Access denied");
+            if (denyIfNoRulesFound)
+            {
+                log.debug("denyIfNoRulesFound is true, denying access.");
+                throw new SecurityException("Access denied");
+            }
+            else
+            {
+                log.debug("denyIfNoRulesFound is false, allowing access.");
+                return pjp.proceed();
+            }
         }
 
         Filter hibernateFilter = securityRuleManager.getEntityFilterFromRules(entity, rules);
@@ -151,4 +162,14 @@
     {
         this.enabled = enabled;
     }
+
+
+    /**
+     * Sets the denyIfNoRulesFound.
+     * @param denyIfNoRulesFound the denyIfNoRulesFound to set
+     */
+    public void setDenyIfNoRulesFound(boolean denyIfNoRulesFound)
+    {
+        this.denyIfNoRulesFound = denyIfNoRulesFound;
+    }
 }


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.