sbwtxj
Posts: 27
|
| Posted: 02/25/2005, 10:12 PM |
|
Hi, 
I want to know the mechanism is between being restricted Page and login form .
And the restricted Page use what function to connect the UserLoginID/UserGroup/Level.
Thanks,
shanbw
_________________
----------------
Regards,
shanbw |
 |
 |
mrachow
Posts: 509
|
| Posted: 02/26/2005, 12:15 AM |
|
During login the security level of the user is read too.
Before a page is build that level is checked against the one(s) chosen for a restricted page.
A page can be restriction to (a) certain level(s) or all levels above a fixed one.
In PHP for this is used
CCSecurityRedirect("<allowedLevels>", "<PageIfNotAllowed>")
You can specify a page for user having a not sufficient level.
_________________
Best regards,
Michael |
|
|
|
sbwtxj
Posts: 27
|
| Posted: 02/26/2005, 5:39 AM |
|
Thanks,
But i want also to know what is used in Java/JSP.
And the function is not found in CCS CHM help file.
Because i want to setup the security mechanism for someone who has multigroup can apply approporiate group/level to the restricted page by CCS. The mechanism used by CCS is important.
Otherwise i will code this mechanism manually ,CCS can not implement it (I don't know the functions)or implement it very hard.
Now i want to use CCS to do it.
Regards,
shanbw
_________________
----------------
Regards,
shanbw |
|
|
|
mrachow
Posts: 509
|
| Posted: 02/26/2005, 8:23 AM |
|
I'm not sure if I understand your problem.
These security function are not described in help because they usually are used internally only.
But all facets of what you can protect and how are described in the manuals.
If you deal with JSP CC Studio will propagate java source files that are located under
<yourProject>\CCBuild\src\com\codecharge.
I suppose all security related classes are stored in subdirectory util.
_________________
Best regards,
Michael |
|
|
|
sbwtxj
Posts: 27
|
| Posted: 02/27/2005, 12:51 AM |
|
Thanks Michael,
I know these.
But i will study all security process that use all the functions about security.
I only want to know the course from login form to restricted page and setup restricted parameter and get this param.
So it is hard to know this mechanism.
I need this help about this processing mechanism.
Of course, this mechanism is adapted to PHP and Java. 
Regards,
shanbw
_________________
----------------
Regards,
shanbw |
|
|
|
sbwtxj
Posts: 27
|
| Posted: 03/10/2005, 5:54 AM |
|
I have found the question's key.
In CCSTableAuthenticator.java file, the authenticate function describe there is only one record to be retrieved from user info table,althought this user may be more than 2 record.But the restricted page has more than 2 level.
Now CCS has this function that it is single user's level to multigroup level of the retricted page.
I want to update the authenticate() function,it can process the user's level more than 2 level.
But i found i will know how to save the same variable name but difficult value in session,and call isUserInRole(int groupid),these value can be process.Now i don't know this way to save the session.
Regards,
shanbw
_________________
----------------
Regards,
shanbw |
|
|
|
sbwtxj
Posts: 27
|
| Posted: 03/11/2005, 6:52 AM |
|
Hi,everyone
I have resolved this question.
The following codes will tell you:
In CCSTableAuthenticator.java file, from the 173 line,
//DbRow userId = conn.getOneRow( this.sql );
//conn.closeConnection();
//updated's code start
Enumeration rows = conn.getRows(this.sql);
conn.closeConnection();
if ( rows != null )
{
ArrayList groupIdArray = ( ArrayList ) SessionStorage.getInstance( request ).getAttribute( "groupIdArray" );
if ( groupIdArray == null ) {
groupIdArray = new ArrayList();
SessionStorage.getInstance( request ).setAttribute( "groupIdArray",groupIdArray );
}
while( rows.hasMoreElements() ) {
DbRow userId = (DbRow) rows.nextElement();
if ( groupIdArray != null && userId.get( userIdFieldName ) != null) {
groupIdArray.add( userId.get( groupIdFieldName ).toString() );
}
authenticate = true;
SessionStorage.getInstance( request ).setAttribute( userIdVarName, userId.get( userIdFieldName ).toString() );
if ( userLoginVarName != null ) {
SessionStorage.getInstance( request ).setAttribute( userLoginVarName, userId.get( loginFieldName ).toString() );
this.principal = new CCSPrincipal( userId.get( loginFieldName ).toString() );
} else {
this.principal = new CCSPrincipal( userId.get( userIdFieldName ).toString() );
}
if ( groupIdVarName != null ) {
SessionStorage.getInstance( request ).setAttribute( groupIdVarName, groupIdArray ); //changed groupIdFieldName to groupIdArray
}
if ( userLoginVarName != null ) {
SessionStorage.getInstance( request ).setAttribute( userLoginVarName, userId.get( loginFieldName ).toString() );
}
afterLogin(userId);
}
}
return authenticate;
//updated's code end
....................................
public void invalidate() {
this.principal = null;
this.sql = null;
SessionStorage.getInstance( request ).removeAttribute( userIdVarName );
SessionStorage.getInstance( request ).removeAttribute( "groupIdArray" );//updated's code
if ( groupIdVarName != null ) {
SessionStorage.getInstance( request ).removeAttribute( groupIdVarName );
}
if ( userLoginVarName != null ) {
SessionStorage.getInstance( request ).removeAttribute( userLoginVarName );
}
}
......................................................................................................................................................................
In PageController.java file, from the 207 line,
Authenticator auth = AuthenticatorFactory.getAuthenticator( request );
ArrayList groupIdArray = ( ArrayList ) SessionStorage.getInstance( request ).getAttribute( "groupIdArray" ); //updated's code
if ( auth.getUserPrincipal() != null ) {
errorCode = null;
Permission p = page.getPermissions();
if ( p != null && p.isUseGroup() ) {
String[] groups = p.getGroupsIdByPermission( Permission.ALLOW_ACCESS );
if ( groups != null && groups.length > 0 ) {
//System.out.println("This message in PageController.java file...........");
System.out.println("Auth.getGroupId()=..........."+auth.getGroupI
_________________
----------------
Regards,
shanbw |
|
|
|
sbwtxj
Posts: 27
|
| Posted: 03/11/2005, 6:54 AM |
|
Hi,everyone
I have resolved this question.
The following codes will tell you:
In CCSTableAuthenticator.java file, from the 173 line,
//DbRow userId = conn.getOneRow( this.sql );
//conn.closeConnection();
//updated's code start
Enumeration rows = conn.getRows(this.sql);
conn.closeConnection();
if ( rows != null )
{
ArrayList groupIdArray = ( ArrayList ) SessionStorage.getInstance( request ).getAttribute( "groupIdArray" );
if ( groupIdArray == null ) {
groupIdArray = new ArrayList();
SessionStorage.getInstance( request ).setAttribute( "groupIdArray",groupIdArray );
}
while( rows.hasMoreElements() ) {
DbRow userId = (DbRow) rows.nextElement();
if ( groupIdArray != null && userId.get( userIdFieldName ) != null) {
groupIdArray.add( userId.get( groupIdFieldName ).toString() );
}
authenticate = true;
SessionStorage.getInstance( request ).setAttribute( userIdVarName, userId.get( userIdFieldName ).toString() );
if ( userLoginVarName != null ) {
SessionStorage.getInstance( request ).setAttribute( userLoginVarName, userId.get( loginFieldName ).toString() );
this.principal = new CCSPrincipal( userId.get( loginFieldName ).toString() );
} else {
this.principal = new CCSPrincipal( userId.get( userIdFieldName ).toString() );
}
if ( groupIdVarName != null ) {
SessionStorage.getInstance( request ).setAttribute( groupIdVarName, groupIdArray ); //changed groupIdFieldName to groupIdArray
}
if ( userLoginVarName != null ) {
SessionStorage.getInstance( request ).setAttribute( userLoginVarName, userId.get( loginFieldName ).toString() );
}
afterLogin(userId);
}
}
return authenticate;
//updated's code end
....................................
public void invalidate() {
this.principal = null;
this.sql = null;
SessionStorage.getInstance( request ).removeAttribute( userIdVarName );
SessionStorage.getInstance( request ).removeAttribute( "groupIdArray" );//updated's code
if ( groupIdVarName != null ) {
SessionStorage.getInstance( request ).removeAttribute( groupIdVarName );
}
if ( userLoginVarName != null ) {
SessionStorage.getInstance( request ).removeAttribute( userLoginVarName );
}
}
......................................................................................................................................................................
In PageController.java file, from the 207 line,
Authenticator auth = AuthenticatorFactory.getAuthenticator( request );
ArrayList groupIdArray = ( ArrayList ) SessionStorage.getInstance( request ).getAttribute( "groupIdArray" ); //updated's code
if ( auth.getUserPrincipal() != null ) {
errorCode = null;
Permission p = page.getPermissions();
if ( p != null && p.isUseGroup() ) {
String[] groups = p.getGroupsIdByPermission( Permission.ALLOW_ACCESS );
if ( groups != null && groups.length > 0 ) {
//System.out.println("This message in PageController.java file...........");
System.out.println("Auth.getGroupId()=..........."+auth.getGroupId());
// System.out.println("groupIdArray.size()= "+groupIdArray.size());
if ( groupIdArray.size() != 0 ) {
for ( int i=0; i<groupIdArray.size(); i++ ) {
System.out.println("groupIdArray["+i+"]= "+groupIdArray.get(i));
String groupIdValue = (String)groupIdArray.get(i);
for ( int j = 0; j < groups.length; j++ ) {
//System.out.println("access groups["+j+"]= "+groups[j]);
if(groupIdValue.equals(groups[j]))
{ allowAccess = true;
System.out.println("allowAccess= "+allowAccess);
break; }
}
if (allowAccess) {
System.out.println("Jumped from groupIdArray loop");
break; }
}
}
}
Thanks,
shanbw
_________________
----------------
Regards,
shanbw |
|
|
|
|
