org.apache.turbine.modules.actions.sessionvalidator
Class TemplateSecureSessionValidator

java.lang.Object
  extended by org.apache.turbine.modules.Assembler
      extended by org.apache.turbine.modules.Action
          extended by org.apache.turbine.modules.actions.sessionvalidator.SessionValidator
              extended by org.apache.turbine.modules.actions.sessionvalidator.TemplateSecureSessionValidator

public class TemplateSecureSessionValidator
extends SessionValidator

SessionValidator that requires login for use with Template Services like Velocity or WebMacro.
Templating services requires a different Session Validator because of the way it handles screens. If you use the WebMacro or Velocity Service with the DefaultSessionValidator, users will be able to bypass login by directly addressing the template using template/index.wm. This is because the Page class looks for the keyword "template" in the Path information and if it finds it will reset the screen using it's lookup mechanism and thereby bypass Login. Note that you will need to set the template.login property to the login template.

Version:
$Id: TemplateSecureSessionValidator.java 1066518 2011-02-02 16:30:53Z ludwig $
Author:
John D. McNally, Dave Bryson, Henning P. Schmiedehausen, Peter Courcoux

Field Summary
 
Fields inherited from class org.apache.turbine.modules.Action
CACHE_SIZE_DEFAULT, CACHE_SIZE_KEY, NAME, PREFIX
 
Constructor Summary
TemplateSecureSessionValidator()
           
 
Method Summary
 void doPerform(PipelineData pipelineData)
          doPerform is virtually identical to DefaultSessionValidator except that it calls template methods instead of bare screen methods.
 void doPerform(RunData data)
          Deprecated. Use PipelineData version instead.
 
Methods inherited from class org.apache.turbine.modules.Action
getPrefix, perform, perform
 
Methods inherited from class org.apache.turbine.modules.Assembler
getRunData
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

TemplateSecureSessionValidator

public TemplateSecureSessionValidator()
Method Detail

doPerform

@Deprecated
public void doPerform(RunData data)
               throws TurbineException
Deprecated. Use PipelineData version instead.

doPerform is virtually identical to DefaultSessionValidator except that it calls template methods instead of bare screen methods. For example, it uses setScreenTemplate to load the tr.props TEMPLATE_LOGIN instead of the default's setScreen to TurbineConstants.SCREEN_LOGIN.

Specified by:
doPerform in class Action
Parameters:
data - Turbine information.
Throws:
TurbineException - The anonymous user could not be obtained from the security service
See Also:
DefaultSessionValidator

doPerform

public void doPerform(PipelineData pipelineData)
               throws TurbineException
doPerform is virtually identical to DefaultSessionValidator except that it calls template methods instead of bare screen methods. For example, it uses setScreenTemplate to load the tr.props TEMPLATE_LOGIN instead of the default's setScreen to TurbineConstants.SCREEN_LOGIN.

Overrides:
doPerform in class Action
Parameters:
pipelineData - Turbine information.
Throws:
TurbineException - The anonymous user could not be obtained from the security service
See Also:
DefaultSessionValidator


Copyright © 2000-2011 The Apache Software Foundation. All Rights Reserved.