This discussion is archived
1 Reply Latest reply: May 1, 2013 6:54 AM by aksarben RSS

populating authorizations using cookies

972354 Newbie
Currently Being Moderated
I need to read the cookie and read from table which contains fields like userid,username,groupid etc which i have created.So,I have to add some features(VIEWCONFIG,ADDCLIENT,EDITCLIENT,VIEWINVOICE) to my portal (web app) and i need to set it to session and populate the authorizations from resources.Please help me how to load the authorizations from resources.(resources are resourceID,user_ID,Insert,update,delete,browse etc)

package com.comdata.fis.presentation.actions;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.log4j.Logger;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;

import com.comdata.core.fis.constants.AppConfigKeys;
import com.comdata.core.fis.constants.AppContextKeys;
import com.comdata.core.fis.util.systemhelpers.SecurityHelper;
import com.comdata.fis.web.WebUtils;
import com.svs.core.constants.SystemConstants;
import com.svs.security.helper.ApplicationSecurityHelper;
import com.svs.security.model.PortalSecurityPrincipal;

public class InitAction extends BaseAction {

private static Logger log = Logger.getLogger(InitAction.class);

public ActionForward appExecute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
{     
log.info("This is the initial action - Portal will send you here with a Portal Cookie...");

try {
HttpSession session = request.getSession(false)
if (ApplicationSecurityHelper.getInstance().checkValidUser(request, SystemConstants.getApplicationCode(AppConfigKeys.APPLICATION_ABREV)))
{

log.info("User validated successfully!");
PortalSecurityPrincipal principal = WebUtils.getSecurityPrincipal(request);
SecurityHelper iSec = new SecurityHelper();
if (principal.getTmFatypes().contains(AppContextKeys.ADDCLIENT_FATYPE))
iSec.setAddClient(true);

if (principal.getTmFatypes().contains(AppContextKeys.EDITCLIENT_FATYPE)) {
iSec.setEditClient(true);

}

if (principal.getTmFatypes().contains(AppContextKeys.VIEWCONFIG_FATYPE))
iSec.setViewClient(true);
if (principal.getTmFatypes().contains(AppContextKeys.VIEWAUDIT_FATYPE))
iSec.setViewAudit(true);
if (principal.getTmFatypes().contains(AppContextKeys.VIEWINVOICE_FATYPE))
iSec.setViewInvoice(true);
if (principal.getTmFatypes().contains(AppContextKeys.PAYMENTREVERSAL_FATYPE))
iSec.setPaymentReversal(true);
if (principal.getTmFatypes().contains(AppContextKeys.TEMPCREDITEDIT_FATYPE))
iSec.setTempCreditEdit(true);

WebUtils.setSecurityRights(request, iSec);
return mapping.findForward(AppContextKeys.ACTION_CLIENT_LIST);     
}     

} catch (Exception e) {     
log.error(e.getStackTrace());
log.error("Something unexpected happened : " + e.toString());
}

log.info("You failed validation...go back to default page....");
return mapping.findForward(AppContextKeys.PAGE_NOTAUTH);     
}     

}
Regards,
Nikhil Boorla

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points