Dashboard > Community Wiki > ... > Template Examples > Auto navigation class with protected mode
Auto navigation class with protected mode Log In View a printable version of the current page.

Added by GrĂ©gory Joseph , last edited by GrĂ©gory Joseph on May 20, 2008  (view change)
Labels: 

The attached class is a modified version on SimpleNavigationTag which can hide URLs if there is a security constraint on it and the user lacks a required role. By adusting to the users granted roles, you not only avoid HTTP 403 Access Denied errors when browsing to denied resources, you get customized views of the site tree.

The class has been modified to run from a scriptlet rather than a tag, so its easy to make tweaks. 3 methods have been added:

  • setProtectMode() // sets the configured value in the class
  • getPrincipalRoles() // gets the authenticated Principal's roles
  • getAuthProtected() // uses Node Interface to get webapp security constraint info from deployment descriptor, matches against Principal roles, and builds list of protected URL's along with boolean authorization flag.

As the process 'drawsChildren', it checks for the URLs in the auth_protected list and hides it if the auth flag is false. The navigation reflects new role grants and new security constraints automatically.

While I've written scripts and functions before, I've never had to write a class, & I didn't write this one. Its just been modified & extended. Extending it this way & running it in a scriptlet goes against best practice, and some of the sub processes can probably be more efficiently coded. Perhaps some interest in refining it will come about?

I don't understand all the things the class is doing, and others who have customized it strip some of the stuff out, but I left everything in. Its not perfect. I'm not sure what doEndTag does or the best way to get the role list in there, so had to re-invoke the methods to build the auth_protected list. I was thinking of using setter methods to set the lists in the class rather than passing the full list in as an argument so doEndTag will aquire the values.

Hack or not, everything seems to work except the 'showChildren' boolean. Everything is false, and all sub nav lists are hidden when its used - so its not used.

In its previous incarnation on JspWiki, this page was last edited on Feb 9, 2007 10:10:43 AM by BobVan
Other known authors include :
Powered by a free Atlassian Confluence Open Source Project License granted to Magnolia International. Evaluate Confluence today.
Powered by Atlassian Confluence 2.7, the Enterprise Wiki. Bug/feature request - Atlassian news - Contact administrators