at.spardat.xma.session
Class XMASession

java.lang.Object
  extended byat.spardat.xma.session.XMASession
Direct Known Subclasses:
XMASessionClient, XMASessionServer

public abstract class XMASession
extends java.lang.Object

A XMASession is an execution context for Components.


Constructor Summary
XMASession()
          Constructor.
 
Method Summary
 boolean checkPermission(java.lang.String operation)
          Checks if the logged in user is allowed to perform the given operation.
abstract  byte[] getApplicationVersion()
          Application Hash-Code built from application descriptors.
 int getApplicationVersionShort()
          Returns a 32-bit hash of the application version.
abstract  XMAContext getContext()
          Returns the execution context of this session.
abstract  PluginManager getPluginManager()
          Returns the PluginManager that must be used to retrieve client side plugin implementations.
abstract  javax.security.auth.Subject getSubject()
          Returns the subject as supplied by the JAAS conforming login module.
abstract  boolean isAtServer()
          Returns true if this session is in the server JVM.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

XMASession

public XMASession()
Constructor.

Method Detail

getContext

public abstract XMAContext getContext()
Returns the execution context of this session. This contains to the authenticated user, the mandant and the environment.

Returns:
context never null.

getSubject

public abstract javax.security.auth.Subject getSubject()
Returns the subject as supplied by the JAAS conforming login module.

Returns:
the subject provided by the login module.

getPluginManager

public abstract PluginManager getPluginManager()
Returns the PluginManager that must be used to retrieve client side plugin implementations.

Returns:
a PluginManagerClient that is never null.

checkPermission

public boolean checkPermission(java.lang.String operation)
Checks if the logged in user is allowed to perform the given operation. The operation can be hierachicaly structured;
e.g.: <component>/<page>/<event>
and permissions can be defined at each level. If nothing is defined for an event, the permissions for the page are used. If nothing is defined for the page the permissions of the component are used. If nothing is defined for the component the permissions of the application are used.
The permissions are defined in the property-file at/spardat/xma/security/Authorisation.properties which must be in the classpath. The special property <default> is used for the application permission.
The mapping of this permissions to the securitycodes used by the authorisation plugin and the underlaying authorisation system of the installation are defined ing the property-file at/spardat/xma/security/Authorisation.properties which must be in the classpath, too.

Parameters:
operation - the operation to check
Returns:
true if the logged in user is allowed to perform the given operation, false otherwise.

getApplicationVersion

public abstract byte[] getApplicationVersion()
Application Hash-Code built from application descriptors.

Returns:
Application Version Hash-Code

getApplicationVersionShort

public int getApplicationVersionShort()
Returns a 32-bit hash of the application version.


isAtServer

public abstract boolean isAtServer()
Returns true if this session is in the server JVM.