|
||||||||||
| PREV PACKAGE NEXT PACKAGE | FRAMES NO FRAMES | |||||||||
| Interface Summary | |
|---|---|
| AccessManager | Handles ACL checks and knows the users permissions. |
| Group | A user group. |
| GroupManager | Manages groups, groups are identified by name and can be organized in folders. |
| IPSecurityManager | Used to check if a client has access based on his IP address. |
| Permission | A permission is a collection of rights and can match paths. |
| Realm | Provides the name for the default realm. |
| Role | A role is a collection of ACLs (permissions). |
| RoleManager | Manages roles, roles are identified by name and can be organized in folders. |
| SecuritySupport | Entry point to get the various managers like UserManager, GroupManager and RoleManager. |
| User | Represents a magnolia user. |
| UserManager | Manages users. |
| Class Summary | |
|---|---|
| AbstractUser | Abstract user implementation. |
| AccessManagerImpl | Default implementation for AccessManager. |
| ACLImpl | Basic ACL implementation. |
| BaseSecurityFilter | Provides basic infrastructure for filters which check if a request is authorized. |
| ContentSecurityFilter | Used to check if the user can read the requested content. |
| DelegatingUserManager | A UserManager delegating to a set of user managers. |
| Digester | Deprecated. since 4.5.3 - use SecurityUtil instead. |
| DummyUser | Deprecated. since 4.3.6 - usage needs to be reviewed - see MAGNOLIA-3269 |
| ExternalUser | A user which is not stored in Magnolia. |
| ExternalUserManager | Manages the JAAS users. |
| HierarchicalUserManager | A variation of a MgnlUserManager which stores users hierarchically using the following structure: /<realm>/<first letter of user name>/<first two letters of user name>. |
| IPSecurityManager.Factory | Factory to get the singleton instance. |
| IPSecurityManagerImpl | A very limited implementation of IPSecurityManager. |
| IPSecurityManagerImpl.InstanceFactory | Provides a custom transformer as the current configuration is not c2b friendly. |
| IPSecurityManagerImpl.IPSecurityManagerTransformer | Transformer which uses the IP value of the rule as the key. |
| IPSecurityManagerImpl.Rule | Basic rule. |
| JCRSessionOp<R> | Operation requiring session access. |
| Lock | Used to lock a session or the system. |
| LogoutFilter | Performing the logout operation if the parameter "mgnlLogout" is present. |
| MgnlGroup | A group implementation. |
| MgnlGroupManager | Group manager working directly with JCR API and returning simple groups (no JCR node aware). |
| MgnlKeyPair | Private and public key holder. |
| MgnlRole | Wraps a role jcr-node. |
| MgnlRoleManager | Manages the users stored in the RepositoryConstants.USER_ROLES workspace. |
| MgnlUser | User for 4.5 instance In difference from old MgnlUser, this class operates directly on JCR session and with JCR nodes/properties as our hierarchy managers are not available at the login time. |
| MgnlUserManager | Manages the users stored in Magnolia itself. |
| PermissionImpl | Concrete implementation of Permission using UrlPattern to match pathes. |
| PermissionUtil | Collection of methods for handling permission related processing. |
| PrincipalUtil | Utility methods for handling JAAS principals. |
| Realm.Factory | Factory for providing realms. |
| Realm.RealmImpl | Implementation of the realm. |
| RepositoryBackedSecurityManager | Common parent class for repo based security managers. |
| RescueSecuritySupport | To be used as a replacement of /server/security or SecuritySupportImpl in mgnl-beans.properties in case the configuration is messed up. |
| RescueSecuritySupport.RescueUser | TODO extract as top level class? Currently this class is tested implicitly by RescueSecuritySupportTest. |
| RescueSecuritySupport.RescueUserManager | TODO: extract as top level class? Currently this class is tested implicitly by RescueSecuritySupportTest. |
| Security | Deprecated. since 5.1 - use IoC to get SecuritySupport or directly use SecurityUtil instead. |
| SecurityCallbackFilter | A filter which handles 401, 403 HTTP response codes, as well as AccessDeniedExceptions,
and renders an appropriate "login form" (which can consist of a redirect or anything else just as well). |
| SecurityCallbackFilter.StatusSniffingResponseWrapper | A simple HttpServletResponseWrapper which keeps track of the current http status code. |
| SecurityConstants | Common constants used throughout the security. |
| SecuritySupport.Factory | Deprecated. since 5.1 - use IoC instead |
| SecuritySupportBase | Base implementation of SecuritySupport using JAAS for authentication. |
| SecuritySupportImpl | Default SecuritySupport. |
| SecuritySupportObservedComponentFactory | Special ObservedComponentFactory used for providing a SecuritySupport already during the initialization phase - before the proper SecuritySupportImpl can been instantiated. |
| SecurityUtil | Utility functions required in the context of Security. |
| SilentSessionOp<R> | Session operation that just logs all exceptions instead of re-throwing them. |
| SystemUserManager | Responsible to handle system users like anonymous and superuser. |
| URISecurityFilter | This Filter protects URI as defined by ROLE(s)/GROUP(s) ACL. |
| Exception Summary | |
|---|---|
| AccessDeniedException | Magnolia's counterpart to AccessDeniedException. |
| PrincipalNotFoundException | Throw when a Principal is search and not found. |
|
||||||||||
| PREV PACKAGE NEXT PACKAGE | FRAMES NO FRAMES | |||||||||