On Thu, Feb 14, 2008 at 7:13 PM, Warren <[EMAIL PROTECTED]> wrote:
> Maurice,
>
> I have a couple more questions. In my MySwarmStrategy hasPermission(...)
> method I only have to look up the principals that have the denied permission
> in them, correct?
Correct
>Here is my overide hasPermission(...) method:
>
>
> public boolean hasPermission(Permission p)
> {
> if (!super.hasPermission(p))
> {
> if
> (getHive().getClass().isInstance(MySimpleCachingHive.class))
> {
> Set<Principal> hivePrincipals =
> ((MySimpleCachingHive)getHive()).getPrincipals(p);
> // Place Set of Principals in the
> requestcycle or should I just place
> the Principal names in // requestcycle ?
This depends on how much information you want to use in your
accessdenied page if the name is all you need then by all means just
pass the names.
Also don't forget to filter the principals from the hive with the
principals contained in your subject. you are only interested in the
principals not contained in your hive.
> }
> return false;
> }
> return true;
> }
>
> I had to copy the whole PolicyFileHiveFactory I don't think I could get to
> "private Set inputStreams" or "private Set inputReaders" correctly.
There are getStreams and getReaders methods but they return a read
only view and thus will not allow you to clear them, ok.
>Here is
> my createHive() method:
>
> public Hive createHive()
> {
> BasicHive hive;
> if (isUsingHiveCache())
> hive = new MySimpleCachingHive();
> else
> hive = new BasicHive();
> ...
> }
>
> I only changed the one line above. In my app I am doing this:
>
>
> MyPolicyFileHiveFactory factory = new MyPolicyFileHiveFactory();
> factory.useHiveCache(true);
>
> Will the line above make sure that my MySimpleCachingHive will be used or is
> it possible for useHiveCache(false) to be used somewhere else?
This will do fine, remember you are the only one in control of the
policy factory. As soon as you pass it to HiveMind.registerHive the
createHive method is called, after that it is discarded.
BTW the default setting for useCache is true, but it does not hurt to
explicitly set it.
>
> Last question. I am not quite sure what to do in MySimpleCachingHive. I know
> this is an unrelated question, but I am not sure how to use your
> ManyToManyMap. I also am not sure when the addPrincipal(...) and
> addPermission(...) methods are called. Do one or the other get called per
> Principal that is in the hive? And, will I Load up the ManyToManyMap within
> these two methods ending up with this ManyToManyMap that will have all the
> Pricipals of the hive with their associated Permissions in them?
Either or both are called once or multiple times for each principal,
depending on how your policy is set up.
Anyway it does not matter how often each method is called since the
ManyToManyMap will fold everything together for you.
>
> Here is my MySimpleCachingHive:
>
> public class MySimpleCachingHive extends SimpleCachingHive
> {
> ...
>
> private ManyToManyMap hivePrincipalsAndPermissions;
>
> public void addPrincipal(Principal principal, Collection permissions)
> {
> super.addPrincipal(principal, permissions);
> // Load hivePrincipalsAndPermissions ?
Iterator it = permissions.iterator();
Permission next = null;
boolean debug = log.isDebugEnabled();
while (it.hasNext())
{
next = (Permission)it.next();
hivePrincipalsAndPermissions.add(next, principal);
}
> }
>
> public void addPermission(Principal principal, Permission permission)
> {
> super.addPermission(principal, permission);
> // Load hivePrincipalsAndPermissions ?
hivePrincipalsAndPermissions .add(permission,
principal);
> }
>
> public Set<Principal> getPrincipals(Permission p)
> {
> // Return Set of Principals related to permission
return hivePrincipalsAndPermissions.get(p)
> }
>
> }
Maurice
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
