You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@myfaces.apache.org by bo...@apache.org on 2011/03/27 22:14:34 UTC
svn commit: r1086020 - in
/myfaces/tobago/trunk/tobago-extension/tobago-security/src/main:
java-jsf-1.1/ java-jsf-1.1/org/ java-jsf-1.1/org/apache/
java-jsf-1.1/org/apache/myfaces/ java-jsf-1.1/org/apache/myfaces/tobago/
java-jsf-1.1/org/apache/myfaces...
Author: bommel
Date: Sun Mar 27 20:14:33 2011
New Revision: 1086020
URL: http://svn.apache.org/viewvc?rev=1086020&view=rev
Log:
(TOBAGO-984) MethodExpression support for tobago-security module
Added:
myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/
myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/
myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/
myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/
myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/
myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/security/
myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/security/UISecuredButton.java (contents, props changed)
- copied, changed from r1083067, myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/UISecuredButton.java
myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/security/UISecuredCommand.java (contents, props changed)
- copied, changed from r1083067, myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/UISecuredCommand.java
myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/security/UISecuredLinkCommand.java (contents, props changed)
- copied, changed from r1083067, myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/UISecuredLinkCommand.java
myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/security/UISecuredMenuCommand.java (contents, props changed)
- copied, changed from r1083067, myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/UISecuredMenuCommand.java
myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/security/UISecuredToolBarCommand.java
myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/
myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/
myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/apache/
myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/apache/myfaces/
myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/apache/myfaces/tobago/
myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/apache/myfaces/tobago/security/
myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/apache/myfaces/tobago/security/CheckAuthorisationMethodExpression.java
myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/apache/myfaces/tobago/security/UISecuredButton.java
myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/apache/myfaces/tobago/security/UISecuredCommand.java
myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/apache/myfaces/tobago/security/UISecuredLinkCommand.java
myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/apache/myfaces/tobago/security/UISecuredMenuCommand.java
myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/apache/myfaces/tobago/security/UISecuredToolBarCommand.java
myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/AuthorizationUtils.java
Removed:
myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/ApplicationFactoryImpl.java
myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/ApplicationImpl.java
myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/UISecuredButton.java
myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/UISecuredCommand.java
myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/UISecuredLinkCommand.java
myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/UISecuredMenuCommand.java
Modified:
myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/CheckAuthorisationMethodBinding.java
myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/resources/META-INF/faces-config.xml
Copied: myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/security/UISecuredButton.java (from r1083067, myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/UISecuredButton.java)
URL: http://svn.apache.org/viewvc/myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/security/UISecuredButton.java?p2=myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/security/UISecuredButton.java&p1=myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/UISecuredButton.java&r1=1083067&r2=1086020&rev=1086020&view=diff
==============================================================================
--- myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/UISecuredButton.java (original)
+++ myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/security/UISecuredButton.java Sun Mar 27 20:14:33 2011
@@ -20,11 +20,13 @@ package org.apache.myfaces.tobago.securi
import org.apache.myfaces.tobago.component.UIButton;
import javax.faces.context.FacesContext;
+import javax.faces.el.MethodBinding;
public class UISecuredButton extends UIButton {
public static final String COMPONENT_TYPE = "org.apache.myfaces.tobago.SecuredButton";
+ @Override
public boolean isDisabled() {
if (getAction() instanceof CheckAuthorisationMethodBinding) {
return !((CheckAuthorisationMethodBinding) getAction()).isAuthorized(FacesContext.getCurrentInstance())
@@ -33,4 +35,12 @@ public class UISecuredButton extends UIB
return super.isDisabled();
}
+ @Override
+ public void setAction(MethodBinding actionBinding) {
+ if (actionBinding != null) {
+ super.setAction(new CheckAuthorisationMethodBinding(actionBinding));
+ } else {
+ super.setAction(actionBinding);
+ }
+ }
}
Propchange: myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/security/UISecuredButton.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/security/UISecuredButton.java
------------------------------------------------------------------------------
svn:keywords = Date Author Id Revision HeadURL
Copied: myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/security/UISecuredCommand.java (from r1083067, myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/UISecuredCommand.java)
URL: http://svn.apache.org/viewvc/myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/security/UISecuredCommand.java?p2=myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/security/UISecuredCommand.java&p1=myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/UISecuredCommand.java&r1=1083067&r2=1086020&rev=1086020&view=diff
==============================================================================
--- myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/UISecuredCommand.java (original)
+++ myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/security/UISecuredCommand.java Sun Mar 27 20:14:33 2011
@@ -20,6 +20,7 @@ package org.apache.myfaces.tobago.securi
import org.apache.myfaces.tobago.component.UICommand;
import javax.faces.context.FacesContext;
+import javax.faces.el.MethodBinding;
/*
@@ -31,6 +32,7 @@ public class UISecuredCommand extends UI
public static final String COMPONENT_TYPE = "org.apache.myfaces.tobago.SecuredCommand";
+ @Override
public boolean isDisabled() {
if (getAction() instanceof CheckAuthorisationMethodBinding) {
return !((CheckAuthorisationMethodBinding) getAction()).isAuthorized(FacesContext.getCurrentInstance())
@@ -38,4 +40,13 @@ public class UISecuredCommand extends UI
}
return super.isDisabled();
}
+
+ @Override
+ public void setAction(MethodBinding actionBinding) {
+ if (actionBinding != null) {
+ super.setAction(new CheckAuthorisationMethodBinding(actionBinding));
+ } else {
+ super.setAction(actionBinding);
+ }
+ }
}
Propchange: myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/security/UISecuredCommand.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/security/UISecuredCommand.java
------------------------------------------------------------------------------
svn:keywords = Date Author Id Revision HeadURL
Copied: myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/security/UISecuredLinkCommand.java (from r1083067, myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/UISecuredLinkCommand.java)
URL: http://svn.apache.org/viewvc/myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/security/UISecuredLinkCommand.java?p2=myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/security/UISecuredLinkCommand.java&p1=myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/UISecuredLinkCommand.java&r1=1083067&r2=1086020&rev=1086020&view=diff
==============================================================================
--- myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/UISecuredLinkCommand.java (original)
+++ myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/security/UISecuredLinkCommand.java Sun Mar 27 20:14:33 2011
@@ -20,11 +20,13 @@ package org.apache.myfaces.tobago.securi
import org.apache.myfaces.tobago.component.UILink;
import javax.faces.context.FacesContext;
+import javax.faces.el.MethodBinding;
public class UISecuredLinkCommand extends UILink {
public static final String COMPONENT_TYPE = "org.apache.myfaces.tobago.SecuredLinkCommand";
+ @Override
public boolean isDisabled() {
if (getAction() instanceof CheckAuthorisationMethodBinding) {
return !((CheckAuthorisationMethodBinding) getAction()).isAuthorized(FacesContext.getCurrentInstance())
@@ -32,4 +34,13 @@ public class UISecuredLinkCommand extend
}
return super.isDisabled();
}
+
+ @Override
+ public void setAction(MethodBinding actionBinding) {
+ if (actionBinding != null) {
+ super.setAction(new CheckAuthorisationMethodBinding(actionBinding));
+ } else {
+ super.setAction(actionBinding);
+ }
+ }
}
Propchange: myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/security/UISecuredLinkCommand.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/security/UISecuredLinkCommand.java
------------------------------------------------------------------------------
svn:keywords = Date Author Id Revision HeadURL
Copied: myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/security/UISecuredMenuCommand.java (from r1083067, myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/UISecuredMenuCommand.java)
URL: http://svn.apache.org/viewvc/myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/security/UISecuredMenuCommand.java?p2=myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/security/UISecuredMenuCommand.java&p1=myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/UISecuredMenuCommand.java&r1=1083067&r2=1086020&rev=1086020&view=diff
==============================================================================
--- myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/UISecuredMenuCommand.java (original)
+++ myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/security/UISecuredMenuCommand.java Sun Mar 27 20:14:33 2011
@@ -21,6 +21,7 @@ package org.apache.myfaces.tobago.securi
import org.apache.myfaces.tobago.component.UIMenuCommand;
import javax.faces.context.FacesContext;
+import javax.faces.el.MethodBinding;
/*
@@ -31,6 +32,7 @@ public class UISecuredMenuCommand extend
public static final String COMPONENT_TYPE = "org.apache.myfaces.tobago.SecuredMenuCommand";
+ @Override
public boolean isDisabled() {
if (getAction() instanceof CheckAuthorisationMethodBinding) {
return !((CheckAuthorisationMethodBinding) getAction()).isAuthorized(FacesContext.getCurrentInstance())
@@ -38,4 +40,13 @@ public class UISecuredMenuCommand extend
}
return super.isDisabled();
}
+
+ @Override
+ public void setAction(MethodBinding actionBinding) {
+ if (actionBinding != null) {
+ super.setAction(new CheckAuthorisationMethodBinding(actionBinding));
+ } else {
+ super.setAction(actionBinding);
+ }
+ }
}
Propchange: myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/security/UISecuredMenuCommand.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/security/UISecuredMenuCommand.java
------------------------------------------------------------------------------
svn:keywords = Date Author Id Revision HeadURL
Added: myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/security/UISecuredToolBarCommand.java
URL: http://svn.apache.org/viewvc/myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/security/UISecuredToolBarCommand.java?rev=1086020&view=auto
==============================================================================
--- myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/security/UISecuredToolBarCommand.java (added)
+++ myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.1/org/apache/myfaces/tobago/security/UISecuredToolBarCommand.java Sun Mar 27 20:14:33 2011
@@ -0,0 +1,47 @@
+package org.apache.myfaces.tobago.security;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.apache.myfaces.tobago.component.UIToolBarCommand;
+
+import javax.faces.context.FacesContext;
+import javax.faces.el.MethodBinding;
+
+
+public class UISecuredToolBarCommand extends UIToolBarCommand {
+
+ public static final String COMPONENT_TYPE = "org.apache.myfaces.tobago.SecuredToolBarCommand";
+
+ @Override
+ public boolean isDisabled() {
+ if (getAction() instanceof CheckAuthorisationMethodBinding) {
+ return !((CheckAuthorisationMethodBinding) getAction()).isAuthorized(FacesContext.getCurrentInstance())
+ || super.isDisabled();
+ }
+ return super.isDisabled();
+ }
+
+ @Override
+ public void setAction(MethodBinding actionBinding) {
+ if (actionBinding != null) {
+ super.setAction(new CheckAuthorisationMethodBinding(actionBinding));
+ } else {
+ super.setAction(actionBinding);
+ }
+ }
+}
Added: myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/apache/myfaces/tobago/security/CheckAuthorisationMethodExpression.java
URL: http://svn.apache.org/viewvc/myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/apache/myfaces/tobago/security/CheckAuthorisationMethodExpression.java?rev=1086020&view=auto
==============================================================================
--- myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/apache/myfaces/tobago/security/CheckAuthorisationMethodExpression.java (added)
+++ myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/apache/myfaces/tobago/security/CheckAuthorisationMethodExpression.java Sun Mar 27 20:14:33 2011
@@ -0,0 +1,107 @@
+package org.apache.myfaces.tobago.security;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.el.ELContext;
+import javax.el.MethodExpression;
+import javax.el.MethodInfo;
+import javax.faces.application.FacesMessage;
+import javax.faces.component.StateHolder;
+import javax.faces.component.UIComponentBase;
+import javax.faces.context.FacesContext;
+
+public class CheckAuthorisationMethodExpression extends MethodExpression implements StateHolder {
+ private static final Logger LOG = LoggerFactory.getLogger(CheckAuthorisationMethodExpression.class);
+
+ private MethodExpression methodExpression;
+
+ public CheckAuthorisationMethodExpression() {
+ }
+
+ public CheckAuthorisationMethodExpression(MethodExpression methodExpression) {
+ this.methodExpression = methodExpression;
+ }
+
+ @Override
+ public MethodInfo getMethodInfo(ELContext context) {
+ return methodExpression.getMethodInfo(context);
+ }
+
+ @Override
+ public Object invoke(ELContext context, Object[] objects) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("MethodBinding invoke " + getExpressionString());
+ }
+ // MethodExpression with a argument list would not be checked for authorisation
+ if ((objects!=null && objects.length > 0) || AuthorizationUtils.isAuthorized(FacesContext.getCurrentInstance(), getExpressionString())) {
+ return methodExpression.invoke(context, objects);
+ } else {
+ // TODO better message
+ FacesContext.getCurrentInstance().addMessage(null, new FacesMessage("Not authorised"));
+ return null;
+ }
+ }
+
+ @Override
+ public String getExpressionString() {
+ return methodExpression.getExpressionString();
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ return methodExpression.equals(obj);
+ }
+
+ @Override
+ public int hashCode() {
+ return methodExpression.hashCode();
+ }
+
+ @Override
+ public boolean isLiteralText() {
+ return methodExpression.isLiteralText();
+ }
+
+ public Object saveState(FacesContext facesContext) {
+ Object[] saveState = new Object[1];
+ saveState[0] = UIComponentBase.saveAttachedState(facesContext, methodExpression);
+ return saveState;
+ }
+
+ public void restoreState(FacesContext facesContext, Object savedState) {
+ Object[] values = (Object[]) savedState;
+ methodExpression = (MethodExpression) UIComponentBase.restoreAttachedState(facesContext, values[0]);
+ }
+
+ public boolean isTransient() {
+ return methodExpression instanceof StateHolder && ((StateHolder) methodExpression).isTransient();
+ }
+
+ public void setTransient(boolean bool) {
+ if (methodExpression instanceof StateHolder) {
+ ((StateHolder) methodExpression).setTransient(bool);
+ }
+ }
+
+ public boolean isAuthorized(FacesContext facesContext) {
+ return AuthorizationUtils.isAuthorized(facesContext, getExpressionString());
+ }
+}
Added: myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/apache/myfaces/tobago/security/UISecuredButton.java
URL: http://svn.apache.org/viewvc/myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/apache/myfaces/tobago/security/UISecuredButton.java?rev=1086020&view=auto
==============================================================================
--- myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/apache/myfaces/tobago/security/UISecuredButton.java (added)
+++ myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/apache/myfaces/tobago/security/UISecuredButton.java Sun Mar 27 20:14:33 2011
@@ -0,0 +1,47 @@
+package org.apache.myfaces.tobago.security;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.apache.myfaces.tobago.component.UIButton;
+
+import javax.el.MethodExpression;
+import javax.faces.context.FacesContext;
+
+public class UISecuredButton extends UIButton {
+
+ public static final String COMPONENT_TYPE = "org.apache.myfaces.tobago.SecuredButton";
+
+ @Override
+ public boolean isDisabled() {
+ if (getActionExpression() instanceof CheckAuthorisationMethodExpression) {
+ return !((CheckAuthorisationMethodExpression)
+ getActionExpression()).isAuthorized(FacesContext.getCurrentInstance())
+ || super.isDisabled();
+ }
+ return super.isDisabled();
+ }
+
+ @Override
+ public void setActionExpression(MethodExpression actionExpression) {
+ if (actionExpression != null) {
+ super.setActionExpression(new CheckAuthorisationMethodExpression(actionExpression));
+ } else {
+ super.setActionExpression(actionExpression);
+ }
+ }
+}
Added: myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/apache/myfaces/tobago/security/UISecuredCommand.java
URL: http://svn.apache.org/viewvc/myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/apache/myfaces/tobago/security/UISecuredCommand.java?rev=1086020&view=auto
==============================================================================
--- myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/apache/myfaces/tobago/security/UISecuredCommand.java (added)
+++ myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/apache/myfaces/tobago/security/UISecuredCommand.java Sun Mar 27 20:14:33 2011
@@ -0,0 +1,48 @@
+package org.apache.myfaces.tobago.security;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.apache.myfaces.tobago.component.UICommand;
+
+import javax.el.MethodExpression;
+import javax.faces.context.FacesContext;
+
+
+public class UISecuredCommand extends UICommand {
+
+ public static final String COMPONENT_TYPE = "org.apache.myfaces.tobago.SecuredCommand";
+
+ @Override
+ public boolean isDisabled() {
+ if (getActionExpression() instanceof CheckAuthorisationMethodExpression) {
+ return !((CheckAuthorisationMethodExpression)
+ getActionExpression()).isAuthorized(FacesContext.getCurrentInstance())
+ || super.isDisabled();
+ }
+ return super.isDisabled();
+ }
+
+ @Override
+ public void setActionExpression(MethodExpression actionExpression) {
+ if (actionExpression != null) {
+ super.setActionExpression(new CheckAuthorisationMethodExpression(actionExpression));
+ } else {
+ super.setActionExpression(actionExpression);
+ }
+ }
+}
Added: myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/apache/myfaces/tobago/security/UISecuredLinkCommand.java
URL: http://svn.apache.org/viewvc/myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/apache/myfaces/tobago/security/UISecuredLinkCommand.java?rev=1086020&view=auto
==============================================================================
--- myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/apache/myfaces/tobago/security/UISecuredLinkCommand.java (added)
+++ myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/apache/myfaces/tobago/security/UISecuredLinkCommand.java Sun Mar 27 20:14:33 2011
@@ -0,0 +1,47 @@
+package org.apache.myfaces.tobago.security;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.apache.myfaces.tobago.component.UILink;
+
+import javax.el.MethodExpression;
+import javax.faces.context.FacesContext;
+
+public class UISecuredLinkCommand extends UILink {
+
+ public static final String COMPONENT_TYPE = "org.apache.myfaces.tobago.SecuredLinkCommand";
+
+ @Override
+ public boolean isDisabled() {
+ if (getActionExpression() instanceof CheckAuthorisationMethodExpression) {
+ return !((CheckAuthorisationMethodExpression)
+ getActionExpression()).isAuthorized(FacesContext.getCurrentInstance())
+ || super.isDisabled();
+ }
+ return super.isDisabled();
+ }
+
+ @Override
+ public void setActionExpression(MethodExpression actionExpression) {
+ if (actionExpression != null) {
+ super.setActionExpression(new CheckAuthorisationMethodExpression(actionExpression));
+ } else {
+ super.setActionExpression(actionExpression);
+ }
+ }
+}
Added: myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/apache/myfaces/tobago/security/UISecuredMenuCommand.java
URL: http://svn.apache.org/viewvc/myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/apache/myfaces/tobago/security/UISecuredMenuCommand.java?rev=1086020&view=auto
==============================================================================
--- myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/apache/myfaces/tobago/security/UISecuredMenuCommand.java (added)
+++ myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/apache/myfaces/tobago/security/UISecuredMenuCommand.java Sun Mar 27 20:14:33 2011
@@ -0,0 +1,49 @@
+package org.apache.myfaces.tobago.security;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+
+import org.apache.myfaces.tobago.component.UIMenuCommand;
+
+import javax.el.MethodExpression;
+import javax.faces.context.FacesContext;
+
+
+public class UISecuredMenuCommand extends UIMenuCommand {
+
+ public static final String COMPONENT_TYPE = "org.apache.myfaces.tobago.SecuredMenuCommand";
+
+ @Override
+ public boolean isDisabled() {
+ if (getActionExpression() instanceof CheckAuthorisationMethodExpression) {
+ return !((CheckAuthorisationMethodExpression)
+ getActionExpression()).isAuthorized(FacesContext.getCurrentInstance())
+ || super.isDisabled();
+ }
+ return super.isDisabled();
+ }
+
+ @Override
+ public void setActionExpression(MethodExpression actionExpression) {
+ if (actionExpression != null) {
+ super.setActionExpression(new CheckAuthorisationMethodExpression(actionExpression));
+ } else {
+ super.setActionExpression(actionExpression);
+ }
+ }
+}
Added: myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/apache/myfaces/tobago/security/UISecuredToolBarCommand.java
URL: http://svn.apache.org/viewvc/myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/apache/myfaces/tobago/security/UISecuredToolBarCommand.java?rev=1086020&view=auto
==============================================================================
--- myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/apache/myfaces/tobago/security/UISecuredToolBarCommand.java (added)
+++ myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java-jsf-1.2/org/apache/myfaces/tobago/security/UISecuredToolBarCommand.java Sun Mar 27 20:14:33 2011
@@ -0,0 +1,47 @@
+package org.apache.myfaces.tobago.security;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.apache.myfaces.tobago.component.UIToolBarCommand;
+
+import javax.el.MethodExpression;
+import javax.faces.context.FacesContext;
+
+public class UISecuredToolBarCommand extends UIToolBarCommand {
+
+ public static final String COMPONENT_TYPE = "org.apache.myfaces.tobago.SecuredToolBarCommand";
+
+ @Override
+ public boolean isDisabled() {
+ if (getActionExpression() instanceof CheckAuthorisationMethodExpression) {
+ return !((CheckAuthorisationMethodExpression)
+ getActionExpression()).isAuthorized(FacesContext.getCurrentInstance())
+ || super.isDisabled();
+ }
+ return super.isDisabled();
+ }
+
+ @Override
+ public void setActionExpression(MethodExpression actionExpression) {
+ if (actionExpression != null) {
+ super.setActionExpression(new CheckAuthorisationMethodExpression(actionExpression));
+ } else {
+ super.setActionExpression(actionExpression);
+ }
+ }
+}
Added: myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/AuthorizationUtils.java
URL: http://svn.apache.org/viewvc/myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/AuthorizationUtils.java?rev=1086020&view=auto
==============================================================================
--- myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/AuthorizationUtils.java (added)
+++ myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/AuthorizationUtils.java Sun Mar 27 20:14:33 2011
@@ -0,0 +1,131 @@
+package org.apache.myfaces.tobago.security;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.annotation.security.DenyAll;
+import javax.annotation.security.PermitAll;
+import javax.annotation.security.RolesAllowed;
+import javax.faces.context.FacesContext;
+import java.lang.annotation.Annotation;
+import java.lang.reflect.AnnotatedElement;
+import java.lang.reflect.Method;
+import java.util.Arrays;
+import java.util.Map;
+import java.util.concurrent.ConcurrentHashMap;
+
+public class AuthorizationUtils {
+ private static final Logger LOG = LoggerFactory.getLogger(AuthorizationUtils.class);
+
+ private static final Object NULL_VALUE = new Object();
+ private static final Map<String, Object> AUTHORISATION_CACHE = new ConcurrentHashMap<String, Object>();
+
+ public static boolean isAuthorized(FacesContext facesContext, String expression) {
+
+ Annotation securityAnnotation = getSecurityAnnotation(facesContext, expression);
+ if (securityAnnotation == null) {
+ return true;
+ }
+
+ if (securityAnnotation instanceof DenyAll) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("DenyAll");
+ }
+ return false;
+ }
+ if (securityAnnotation instanceof RolesAllowed) {
+ String [] roles = ((RolesAllowed) securityAnnotation).value();
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("RolesAllowed " + Arrays.asList(((RolesAllowed) securityAnnotation).value()));
+ }
+ for (String role : roles) {
+ boolean authorised = facesContext.getExternalContext().isUserInRole(role);
+ if (authorised) {
+ return true;
+ }
+ }
+ return false;
+ }
+ if (securityAnnotation instanceof PermitAll) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("PermitAll");
+ }
+ return true;
+ }
+ return true;
+ }
+
+ private static Annotation getSecurityAnnotations(AnnotatedElement annotatedElement) {
+ Annotation annotation = annotatedElement.getAnnotation(RolesAllowed.class);
+ if (annotation != null) {
+ return annotation;
+ }
+ annotation = annotatedElement.getAnnotation(DenyAll.class);
+ if (annotation != null) {
+ return annotation;
+ }
+ annotation = annotatedElement.getAnnotation(PermitAll.class);
+ if (annotation != null) {
+ return annotation;
+ }
+ return null;
+ }
+
+ private static Annotation getSecurityAnnotation(FacesContext facesContext, String expression) {
+ if (AUTHORISATION_CACHE.containsKey(expression)) {
+ Object obj = AUTHORISATION_CACHE.get(expression);
+ if (obj instanceof Annotation) {
+ return (Annotation) obj;
+ }
+ return null;
+ } else {
+ Annotation securityAnnotation = null;
+ if (expression.startsWith("#{") && expression.endsWith("}")) {
+ expression = expression.substring(2, expression.length()-1);
+ int index = expression.lastIndexOf('.');
+ if (index != -1) {
+ String methodExpression = expression.substring(index+1, expression.length());
+ String beanExpression = expression.substring(0, index);
+ // TODO find a better way
+ Object bean =
+ facesContext.getApplication().getVariableResolver().resolveVariable(facesContext, beanExpression);
+ if (bean != null) {
+ try {
+ Method method = bean.getClass().getMethod(methodExpression);
+ securityAnnotation = getSecurityAnnotations(method);
+ if (securityAnnotation == null) {
+ securityAnnotation = getSecurityAnnotations(bean.getClass());
+ }
+ } catch (NoSuchMethodException e) {
+ LOG.error("No Method " + methodExpression + " in class " + bean.getClass(), e);
+ }
+ }
+ }
+ }
+ if (securityAnnotation != null) {
+ AUTHORISATION_CACHE.put(expression, securityAnnotation);
+ } else {
+ AUTHORISATION_CACHE.put(expression, NULL_VALUE);
+ }
+ return securityAnnotation;
+ }
+ }
+}
+
Modified: myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/CheckAuthorisationMethodBinding.java
URL: http://svn.apache.org/viewvc/myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/CheckAuthorisationMethodBinding.java?rev=1086020&r1=1086019&r2=1086020&view=diff
==============================================================================
--- myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/CheckAuthorisationMethodBinding.java (original)
+++ myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/java/org/apache/myfaces/tobago/security/CheckAuthorisationMethodBinding.java Sun Mar 27 20:14:33 2011
@@ -27,23 +27,9 @@ import javax.faces.context.FacesContext;
import javax.faces.component.StateHolder;
import javax.faces.component.UIComponentBase;
import javax.faces.application.FacesMessage;
-import javax.annotation.security.RolesAllowed;
-import javax.annotation.security.DenyAll;
-import javax.annotation.security.PermitAll;
-import java.util.Arrays;
-import java.util.Map;
-import java.util.HashMap;
-import java.lang.reflect.Method;
-import java.lang.reflect.AnnotatedElement;
-import java.lang.annotation.Annotation;
-
-/*
- * Date: 19.07.2006
- * Time: 16:11:43
- */
+
public class CheckAuthorisationMethodBinding extends MethodBinding implements StateHolder {
private static final Logger LOG = LoggerFactory.getLogger(CheckAuthorisationMethodBinding.class);
- private static final Map<String, Annotation> AUTHORISATION_CACHE = new HashMap<String, Annotation>();
private MethodBinding methodBinding;
@@ -67,8 +53,8 @@ public class CheckAuthorisationMethodBin
if (LOG.isDebugEnabled()) {
LOG.debug("MethodBinding invoke " + getExpressionString());
}
- // Methodbindings with a argument list would not be checked for authorisation
- if ((objects!=null && objects.length > 0) || isAuthorized(facesContext)) {
+ // MethodBindings with a argument list would not be checked for authorisation
+ if ((objects!=null && objects.length > 0) || AuthorizationUtils.isAuthorized(facesContext, getExpressionString())) {
return methodBinding.invoke(facesContext, objects);
} else {
// TODO better message
@@ -77,88 +63,6 @@ public class CheckAuthorisationMethodBin
}
}
- public boolean isAuthorized(FacesContext facesContext) {
-
- Annotation securityAnnotation = getSecurityAnnotation(facesContext);
- if (securityAnnotation == null) {
- return true;
- }
-
- if (securityAnnotation instanceof DenyAll) {
- if (LOG.isDebugEnabled()) {
- LOG.debug("DenyAll");
- }
- return false;
- }
- if (securityAnnotation instanceof RolesAllowed) {
- String [] roles = ((RolesAllowed) securityAnnotation).value();
- if (LOG.isDebugEnabled()) {
- LOG.debug("RolesAllowed " + Arrays.asList(((RolesAllowed) securityAnnotation).value()));
- }
- for (String role : roles) {
- boolean authorised = facesContext.getExternalContext().isUserInRole(role);
- if (authorised) {
- return true;
- }
- }
- return false;
- }
- if (securityAnnotation instanceof PermitAll) {
- if (LOG.isDebugEnabled()) {
- LOG.debug("PermitAll");
- }
- return true;
- }
- return true;
- }
- private Annotation getSecurityAnnotation(FacesContext facesContext) {
- String expression = getExpressionString();
- if (AUTHORISATION_CACHE.containsKey(expression)) {
- return AUTHORISATION_CACHE.get(expression);
- } else {
- Annotation securityAnnotation = null;
- if (expression.startsWith("#{") && expression.endsWith("}")) {
- expression = expression.substring(2, expression.length()-1);
- int index = expression.lastIndexOf('.');
- if (index != -1) {
- String methodExpression = expression.substring(index+1, expression.length());
- String beanExpression = expression.substring(0, index);
- // TODO find a better way
- Object bean =
- facesContext.getApplication().getVariableResolver().resolveVariable(facesContext, beanExpression);
- if (bean != null) {
- try {
- Method method = bean.getClass().getMethod(methodExpression);
- securityAnnotation = getSecurityAnnotations(method);
- if (securityAnnotation == null) {
- securityAnnotation = getSecurityAnnotations(bean.getClass());
- }
- } catch (NoSuchMethodException e) {
- LOG.error("No Method " + methodExpression + " in class " + bean.getClass(), e);
- }
- }
- }
- }
- AUTHORISATION_CACHE.put(expression, securityAnnotation);
- return securityAnnotation;
- }
- }
- private Annotation getSecurityAnnotations(AnnotatedElement annotatedElement) {
- Annotation annotation = annotatedElement.getAnnotation(RolesAllowed.class);
- if (annotation != null) {
- return annotation;
- }
- annotation = annotatedElement.getAnnotation(DenyAll.class);
- if (annotation != null) {
- return annotation;
- }
- annotation = annotatedElement.getAnnotation(PermitAll.class);
- if (annotation != null) {
- return annotation;
- }
- return null;
- }
-
public Object saveState(FacesContext facesContext) {
Object[] saveState = new Object[1];
saveState[0] = UIComponentBase.saveAttachedState(facesContext, methodBinding);
@@ -179,4 +83,8 @@ public class CheckAuthorisationMethodBin
((StateHolder) methodBinding).setTransient(bool);
}
}
+
+ public boolean isAuthorized(FacesContext facesContext) {
+ return AuthorizationUtils.isAuthorized(facesContext, getExpressionString());
+ }
}
Modified: myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/resources/META-INF/faces-config.xml
URL: http://svn.apache.org/viewvc/myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/resources/META-INF/faces-config.xml?rev=1086020&r1=1086019&r2=1086020&view=diff
==============================================================================
--- myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/resources/META-INF/faces-config.xml (original)
+++ myfaces/tobago/trunk/tobago-extension/tobago-security/src/main/resources/META-INF/faces-config.xml Sun Mar 27 20:14:33 2011
@@ -21,22 +21,18 @@
<faces-config>
- <factory>
- <application-factory>org.apache.myfaces.tobago.security.ApplicationFactoryImpl</application-factory>
- </factory>
-
<component>
<component-type>org.apache.myfaces.tobago.Command</component-type>
<component-class>org.apache.myfaces.tobago.security.UISecuredCommand</component-class>
</component>
<component>
- <component-type>org.apache.myfaces.tobago.LinkCommand</component-type>
+ <component-type>org.apache.myfaces.tobago.Link</component-type>
<component-class>org.apache.myfaces.tobago.security.UISecuredLinkCommand</component-class>
</component>
<component>
- <component-type>org.apache.myfaces.tobago.ButtonCommand</component-type>
+ <component-type>org.apache.myfaces.tobago.Button</component-type>
<component-class>org.apache.myfaces.tobago.security.UISecuredButton</component-class>
</component>
@@ -45,4 +41,9 @@
<component-class>org.apache.myfaces.tobago.security.UISecuredMenuCommand</component-class>
</component>
+ <component>
+ <component-type>org.apache.myfaces.tobago.ToolBarCommand</component-type>
+ <component-class>org.apache.myfaces.tobago.security.UISecuredToolBarCommand</component-class>
+ </component>
+
</faces-config>