+

Search Tips   |   Advanced Search

Portal Access Control SPI


The Portal Access Control (PAC) System Programming Interface (SPI) lets you directly retrieve and modify access control information for portal resources.

We can retrieve the following main service interfaces through the AccessControlHome interface.

We can use the runtime model of Portal Access Control to evaluate whether a user is allowed to perform a specific operation.

For example, we can evaluate whether the user who triggered the request is allowed to dthat.

We can use the configuration model to retrieve the hierarchy of protected resources, and also to retrieve and modify role assignments and configuration data such as role blocks.

Examples of how these interfaces are used are provided in the accompanying Javadoc. The following example shows how to evaluate if a principal has view permissions on a resource:

Identifiable resource = ... ; 
// some resource, for example a portlet Principal bob = ... ; 
// some principal, for example Bob
Context ctx = new InitialContext();
AccessControlHome home = (AccessControlHome) ctx.lookup(AccessControlHome.JNDI_NAME);
AccessControlRuntimeModel runtimeModel = home.getAccessControlRuntimeModel(resource);
boolean isAllowed = runtimeModel.isAllowed(bob, RoleType.USER);

// the following is equivalent
AccessControlEnvironment environment = home.getAccessControlEnvironment();
Permission permission = environment.getPermission(resource, RoleType.USER);
AccessControlGlobalRuntimeModel globalModel = home.getAccessControlGlobalRuntimeModel();
isAllowed = globalModel.hasPermission(bob, permission); 


Parent: Portal Access Control interfaces