
    populating authorizations using cookies

    972354
      I need to read the cookie and then read from a table I have created, which contains fields like userid, username, groupid, etc. I have to add some features (VIEWCONFIG, ADDCLIENT, EDITCLIENT, VIEWINVOICE) to my portal (web app), set them in the session, and populate the authorizations from resources. Please help me with how to load the authorizations from resources. (The resources are resourceID, user_ID, Insert, update, delete, browse, etc.)

      package com.comdata.fis.presentation.actions;

      import javax.servlet.http.HttpServletRequest;
      import javax.servlet.http.HttpServletResponse;
      import javax.servlet.http.HttpSession;

      import org.apache.log4j.Logger;
      import org.apache.struts.action.ActionForm;
      import org.apache.struts.action.ActionForward;
      import org.apache.struts.action.ActionMapping;

      import com.comdata.core.fis.constants.AppConfigKeys;
      import com.comdata.core.fis.constants.AppContextKeys;
      import com.comdata.core.fis.util.systemhelpers.SecurityHelper;
      import com.comdata.fis.web.WebUtils;
      import com.svs.core.constants.SystemConstants;
      import com.svs.security.helper.ApplicationSecurityHelper;
      import com.svs.security.model.PortalSecurityPrincipal;

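      /**
       * Initial Struts action of the application: validates the incoming request and,
       * on success, translates the principal's function types into per-feature rights.
       *
       * <p>Every right on {@link SecurityHelper} is only ever switched on here, never off,
       * so a right is granted only when its function type is present on the principal.
       * Any failure (validation rejected, missing principal, exception) ends at the
       * not-authorized page.
       */
      public class InitAction extends BaseAction {

          private static final Logger log = Logger.getLogger(InitAction.class);

          /**
           * Validates the user for this application and populates the security rights.
           *
           * @param mapping  Struts mapping used to resolve the forwards
           * @param form     not used by this action
           * @param request  request passed to the validation and principal lookups
           * @param response not used by this action
           * @return the client-list forward when the user is validated and the rights were
           *         stored; the not-authorized forward in every other case
           */
          public ActionForward appExecute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
          {
              log.info("This is the initial action - Portal will send you here with a Portal Cookie...");

              try {
                  if (ApplicationSecurityHelper.getInstance().checkValidUser(request, SystemConstants.getApplicationCode(AppConfigKeys.APPLICATION_ABREV)))
                  {
                      log.info("User validated successfully!");
                      PortalSecurityPrincipal principal = WebUtils.getSecurityPrincipal(request);

                      // Deny explicitly instead of relying on a NullPointerException being
                      // swallowed by the catch block below.
                      if (principal == null || principal.getTmFatypes() == null) {
                          log.warn("Validated user has no security principal or function types - denying access");
                          return mapping.findForward(AppContextKeys.PAGE_NOTAUTH);
                      }

                      // Rights are set only on a positive match; nothing is granted by default
                      // in this method (SecurityHelper's own defaults are not visible here).
                      SecurityHelper iSec = new SecurityHelper();
                      if (principal.getTmFatypes().contains(AppContextKeys.ADDCLIENT_FATYPE)) {
                          iSec.setAddClient(true);
                      }
                      if (principal.getTmFatypes().contains(AppContextKeys.EDITCLIENT_FATYPE)) {
                          iSec.setEditClient(true);
                      }
                      // NOTE(review): VIEWCONFIG enables the "view client" right - confirm this
                      // mapping is intended and not a copy/paste slip.
                      if (principal.getTmFatypes().contains(AppContextKeys.VIEWCONFIG_FATYPE)) {
                          iSec.setViewClient(true);
                      }
                      if (principal.getTmFatypes().contains(AppContextKeys.VIEWAUDIT_FATYPE)) {
                          iSec.setViewAudit(true);
                      }
                      if (principal.getTmFatypes().contains(AppContextKeys.VIEWINVOICE_FATYPE)) {
                          iSec.setViewInvoice(true);
                      }
                      if (principal.getTmFatypes().contains(AppContextKeys.PAYMENTREVERSAL_FATYPE)) {
                          iSec.setPaymentReversal(true);
                      }
                      if (principal.getTmFatypes().contains(AppContextKeys.TEMPCREDITEDIT_FATYPE)) {
                          iSec.setTempCreditEdit(true);
                      }

                      // NOTE(review): if setSecurityRights keeps the rights in the HttpSession,
                      // the session id should be rotated once validation succeeds so that a
                      // pre-authentication session id is not reused - confirm in WebUtils.
                      // These rights are a snapshot taken at login; presumably they are not
                      // refreshed when the user's resources change - verify.
                      WebUtils.setSecurityRights(request, iSec);
                      return mapping.findForward(AppContextKeys.ACTION_CLIENT_LIST);
                  }

              } catch (Exception e) {
                  // Pass the throwable to the logger so the stack trace is actually written;
                  // logging e.getStackTrace() only prints the array's identity.
                  log.error("Something unexpected happened : " + e.toString(), e);
              }

              // Fail closed: rejected validation and unexpected errors both end here.
              log.info("You failed validation...go back to default page....");
              return mapping.findForward(AppContextKeys.PAGE_NOTAUTH);
          }

      }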
      Regards,
      Nikhil Boorla