Package info.magnolia.cms.security

Interface Summary
AccessManager Handles ACL checks and knows the users permissions.
Group A user group.
GroupManager Manages the groups.
IPSecurityManager Used to check if a client has access based on his IP address.
Permission A permission is a collection of rights and can match paths.
Realm Provides the name for the default realm.
Role A role is a collection of ACLs (permissions).
RoleManager Manages roles.
SecuritySupport Entry point to get the various managers like UserManager, GroupManager and RoleManager.
User Represents a magnolia user.
UserManager Manages users.
 

Class Summary
AbstractUser Abstract user implementation.
AccessManagerImpl Default implementation for AccessManager.
ACLImpl Basic ACL implementation.
BaseSecurityFilter Provides basic infrastructure for filters which check if a request is authorized.
ContentSecurityFilter Used to check if the user can read the requested content.
CsrfSecurityFilter Ensure that the request is not a CSRF attack.
DelegatingUserManager A UserManager delegating to a set of user managers.
Digester Deprecated. since 4.5.3 - use SecurityUtil instead.
DummyUser Deprecated. since 4.3.6 - usage needs to be reviewed - see MAGNOLIA-3269
ExternalUser A user which is not stored in Magnolia.
ExternalUserManager Manages the JAAS users.
HierarchicalUserManager A variation of a MgnlUserManager which stores users hierarchically using the following structure: /<realm>/<first letter of user name>/<first two letters of user name>.
IPSecurityManager.Factory Factory to get the singleton instance.
IPSecurityManagerImpl A very limited implementation of IPSecurityManager.
IPSecurityManagerImpl.InstanceFactory Provides a custom transformer as the current configuration is not c2b friendly.
IPSecurityManagerImpl.IPSecurityManagerTransformer Transformer which uses the IP value of the rule as the key.
IPSecurityManagerImpl.Rule Basic rule.
JCRSessionOp<R> Operation requiring session access.
Lock Used to lock a session or the system.
LogoutFilter Performing the logout operation if the parameter "mgnlLogout" is present.
MgnlGroup A group implementation.
MgnlGroupManager Group manager working directly with JCR API and returning simple groups (no JCR node aware).
MgnlKeyPair Private and public key holder.
MgnlRole Wraps a role jcr-node.
MgnlRoleManager Manages the users stored in the RepositoryConstants.USER_ROLES workspace.
MgnlUser User for 4.5 instance In difference from old MgnlUser, this class operates directly on JCR session and with JCR nodes/properties as our hierarchy managers are not available at the login time.
MgnlUserManager Manages the users stored in Magnolia itself.
PermissionImpl Concrete implementation of Permission using UrlPattern to match pathes.
PermissionUtil Collection of methods for handling permission related processing.
PrincipalUtil Utility methods for handling JAAS principals.
Realm.Factory Factory for providing realms.
Realm.RealmImpl Implementation of the realm.
RepositoryBackedSecurityManager Common parent class for repo based security managers.
RescueSecuritySupport To be used as a replacement of /server/security or SecuritySupportImpl in mgnl-beans.properties in case the configuration is messed up.
Security Get the current role or user manager.
SecurityCallbackFilter A filter which handles 401, 403 HTTP response codes, as well as AccessDeniedExceptions, and renders an appropriate "login form" (which can consist of a redirect or anything else just as well).
SecurityCallbackFilter.StatusSniffingResponseWrapper A simple HttpServletResponseWrapper which keeps track of the current http status code.
SecurityConstants Common constants used throughout the security.
SecuritySupport.Factory Factory to retrieve the singleton instance.
SecuritySupportBase Base implementation of SecuritySupport using JAAS for authentication.
SecuritySupportImpl Default SecuritySupport.
SecurityUtil Utility functions required in the context of Security.
SilentSessionOp<R> Session operation that just logs all exceptions instead of re-throwing them.
SystemUserManager Responsible to handle system users like anonymous and superuser.
URISecurityFilter This Filter protects URI as defined by ROLE(s)/GROUP(s) ACL.
 

Exception Summary
AccessDeniedException Magnolia's counterpart to AccessDeniedException.
PrincipalNotFoundException Throw when a Principal is search and not found.
 



Copyright © 2003–2014 Magnolia International Ltd.. All rights reserved.