blackboard.platform.security
Class SecurityUtil

java.lang.Object
  extended by blackboard.platform.security.SecurityUtil

public class SecurityUtil
extends java.lang.Object

This class provides utility methods for security logic, notably around checking for entitlements.

Since:
Blackboard 6.0
Version:
$Revision: #1 $ $Date: 2005/06/27 $

Field Summary
static java.lang.String HASH_ALGORITHM
           
 
Constructor Summary
SecurityUtil()
           
 
Method Summary
static void checkPermission(java.security.Permission perm)
          Performs a check for the specified permission against the installed SecurityManager.
static BbResourceBundle getBundle()
          Returns the security ResourceBundle, based on the current context locale.
static java.lang.String getHashValue(java.lang.String input)
          Utility method that generates a hex-formatted string representation of the message digest obtained from the specified string.
static java.lang.String getHashValue(java.lang.String input, java.lang.String charSet)
          Utility method that generates a hex-formatted string representation of the message digest obtained from the specified string.
static boolean userHasAllEntitlements(Id userId, Id courseId, Entitlements entitlements)
          Logical AND check. Use for fine-grained authorization: a user may be entitled to access a page, but not a given widget on the page.
static boolean userHasAllEntitlements(java.lang.String[] entitlementNames)
          Checks to see if the user has all the entitlements specified, using Context derived from specified HttpServletRequest object.
static boolean userHasAllEntitlements(User user, Course course, Entitlements entitlements)
          Method to check that a user has all entitlements for an explicit course context.
static boolean userHasAnyEntitlements(java.lang.String[] entitlementNames)
          Logical OR check. Use for coarse-grained authorization, for example to check whether a user may enter an admin page: the user may be entitled to access some but not all widgets on the page. No user id parameter; the implicit Context object is assumed.
static boolean userHasAnyEntitlements(User user, CourseMembership courseMembership, Entitlements entitlements)
          Logical OR check. Use for coarse-grained authorization, for example to check whether a user may enter an admin page: the user may be entitled to access some but not all widgets on the page. User id parameter is supplied; the implicit Context object is _not_ assumed.
static boolean userHasEntitlement(Context context, Entitlement entitlement)
          Checks if the user in the provided context has the specified entitlement.
static boolean userHasEntitlement(Id userId, Id courseId, Entitlement entitlement)
          Method to check if an explicit user has a specific entitlement.
static boolean userHasEntitlement(java.lang.String entitlementUID)
          Checks if the current context user has the entitlement with the specified UID.
static boolean userHasEntitlement(User user, Course course, Entitlement entitlement)
          Explicit check for a single entitlement.
static boolean userHasEntitlement(User user, CourseMembership courseMembership, Entitlement entitlement)
          Explicit check for a single entitlement.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

HASH_ALGORITHM

public static final java.lang.String HASH_ALGORITHM
See Also:
Constant Field Values
Constructor Detail

SecurityUtil

public SecurityUtil()
Method Detail

checkPermission

public static void checkPermission(java.security.Permission perm)
Performs a check for the specified permission against the installed SecurityManager. If no SecurityManager is installed, this is a no-op.

Parameters:
perm - The permission to check. For convenience, this may be null. The result is a no-op.

getHashValue

public static java.lang.String getHashValue(java.lang.String input)
Utility method that generates a hex-formatted string representation of the message digest obtained from the specified string. Used in generating persistent password references and challenges in the challenge response protocol. Uses UTF-16LE to stay consistent with the JavaScript md5 hash routine.

Parameters:
input - String to hash, format and return
Returns:
Hexadecimal representation of the hashed message. All characters are lowercase.

getHashValue

public static java.lang.String getHashValue(java.lang.String input,
                                            java.lang.String charSet)
Utility method that generates a hex-formatted string representation of the message digest obtained from the specified string. Used in generating persistent password references and challenges in the challenge response protocol.

Parameters:
input - String to hash, format and return
charSet - character set to be used (UTF-8 or ISO-8859-1)
Returns:
Hexadecimal representation of the hashed message. All characters are lowercase.
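
Added example, not Blackboard's code: it shows why both getHashValue variants tie the digest to a character set, by hashing the same string under UTF-16LE, UTF-8 and ISO-8859-1 and comparing the results. MD5 is an assumption taken from the mention of the JavaScript md5 routine (the page does not show the value of HASH_ALGORITHM); the class, the helper names and the sample strings are constructed.

```java
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

public class HashEncodingDemo {
    // Assumption: MD5, inferred from the page's mention of a JavaScript md5
    // routine. The page does not show the value of HASH_ALGORITHM.
    static final String ALGORITHM = "MD5";

    // Hypothetical stand-in for getHashValue(input, charSet): digest the
    // string's bytes in the given charset and return lowercase hex.
    static String hexDigest(String input, Charset charset) {
        try {
            MessageDigest md = MessageDigest.getInstance(ALGORITHM);
            byte[] digest = md.digest(input.getBytes(charset));
            StringBuilder hex = new StringBuilder(digest.length * 2);
            for (byte b : digest) {
                hex.append(Character.forDigit((b >> 4) & 0xF, 16));
                hex.append(Character.forDigit(b & 0xF, 16));
            }
            return hex.toString();
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException(ALGORITHM + " unavailable", e);
        }
    }

    // Constant-time comparison of two hex digests.
    static boolean digestsMatch(String a, String b) {
        return MessageDigest.isEqual(a.getBytes(StandardCharsets.US_ASCII),
                                     b.getBytes(StandardCharsets.US_ASCII));
    }

    public static void main(String[] args) {
        // Constructed sample inputs: one pure ASCII, one with non-ASCII letters.
        String[] samples = { "secret", "p\u00e4ssw\u00f6rd" };
        for (String s : samples) {
            String client = hexDigest(s, StandardCharsets.UTF_16LE); // browser side
            String utf8   = hexDigest(s, StandardCharsets.UTF_8);
            String latin1 = hexDigest(s, StandardCharsets.ISO_8859_1);
            System.out.println(s + " UTF-16LE   " + client);
            System.out.println(s + " UTF-8      " + utf8);
            System.out.println(s + " ISO-8859-1 " + latin1);
            // A server hashing with a different charset never matches the client.
            System.out.println("  UTF-16LE vs UTF-8 match: " + digestsMatch(client, utf8));
            System.out.println("  UTF-8 vs ISO-8859-1 match: " + digestsMatch(utf8, latin1));
        }
    }
}
```

For the ASCII sample, UTF-8 and ISO-8859-1 produce the same digest, so a charset mismatch between the two only surfaces for users whose input contains non-ASCII characters.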

userHasEntitlement

public static boolean userHasEntitlement(java.lang.String entitlementUID)
Checks if the current context user has the entitlement with the specified UID. Context is assumed to have been set by the caller.

Parameters:
entitlementUID - UID of the entitlement to check. If this does not specify a valid entitlement UID, the check will always return false.
Returns:
true if the current context user has the specified entitlement; false if the user does not have the entitlement, the current context has no user, or the entitlement is invalid

userHasEntitlement

public static boolean userHasEntitlement(Context context,
                                         Entitlement entitlement)
Checks if the user in the provided context has the specified entitlement.

Parameters:
context - the context providing the user to check. If the context does not have a user, the check will always return false.
entitlement - the entitlement to check. If null, the check will always return false.
Returns:
true if the user in the provided context has the specified entitlement; false if the user does not have the entitlement, the provided context has no user, or the entitlement is null

userHasEntitlement

public static boolean userHasEntitlement(Id userId,
                                         Id courseId,
                                         Entitlement entitlement)
Method to check if an explicit user has a specific entitlement. This method works by aggregating relevant entitlements from the user's system role and course role. Please note that this interface method assumes that the ContextManager has already set the context appropriately, so that this method can load user and course data for the correct virtual installation.

Parameters:
userId - Explicit id to check
courseId - Explicit id to check.
entitlement - Entitlement to check. Cannot be null, or false will automatically be returned
Returns:
true if one of the user's roles has the specified entitlement. If userId == null, or the userId is not set, or the entitlement is null, false will be returned

userHasEntitlement

public static boolean userHasEntitlement(User user,
                                         Course course,
                                         Entitlement entitlement)
Explicit check for a single entitlement. Please note that this method should be used for most single-entitlement checks, since it does not require loading the User from the database. This method is distinct from userHasEntitlement(User, CourseMembership, Entitlement) because of the Observer case: a user may not be enrolled in a course, but their observed user is.

Parameters:
user - the current User, usually stored in the Context for this thread
course - the current Course, usually stored in the Context for this thread
entitlement - the Entitlement in question
Returns:
true if either the User's system or Course role for the provided course are associated with the entitlement, or if an observed user has the entitlement in this context; false otherwise.

userHasEntitlement

public static boolean userHasEntitlement(User user,
                                         CourseMembership courseMembership,
                                         Entitlement entitlement)
Explicit check for a single entitlement. Please note that this method should be used for most single-entitlement checks, since it does not require loading the User from the database.

Parameters:
user - the current User, usually stored in the Context for this thread
courseMembership - Used to determine any entitlements conferrable from a course role. This argument may be null.
entitlement - the Entitlement to check. If this is null, false is returned.
Returns:
true if the user's system role or current course role have the specified entitlement

userHasAllEntitlements

public static boolean userHasAllEntitlements(java.lang.String[] entitlementNames)
Checks to see if the user has all the entitlements specified, using Context derived from specified HttpServletRequest object. For example, a user may be entitled to access a page, but not a given widget on the page. Note that there is no explicit user or course parameter; this method derives that information from Context.

Parameters:
entitlementNames - Array of entitlement UIDs to check
Returns:
true if and only if the user has all the specified entitlements in the context defined by request

userHasAllEntitlements

public static boolean userHasAllEntitlements(Id userId,
                                             Id courseId,
                                             Entitlements entitlements)
Logical AND check. Use for fine-grained authorization: a user may be entitled to access a page, but not a given widget on the page.

Parameters:
user - implicit Context object _not_ assumed
course - implicit Context object _not_ assumed

userHasAllEntitlements

public static boolean userHasAllEntitlements(User user,
                                             Course course,
                                             Entitlements entitlements)
Method to check that a user has all entitlements for an explicit course context. Use for fine-grained authorization: a user may be entitled to access a page, but not a given widget on the page. Please note that this method should be used for most entitlements checks, since it does not require loading the User from the database.

Parameters:
user - the current User, stored in the Context for this thread
course - the current Course, stored in the Context for this thread
entitlements - the set of Entitlements in question
Returns:
true if and only if the user has all the entitlements in the context implied by User and Course

userHasAnyEntitlements

public static boolean userHasAnyEntitlements(java.lang.String[] entitlementNames)
Logical OR check. Use for coarse-grained authorization, for example to check whether a user may enter an admin page: the user may be entitled to access some but not all widgets on the page. No user id parameter; the implicit Context object is assumed.


userHasAnyEntitlements

public static boolean userHasAnyEntitlements(User user,
                                             CourseMembership courseMembership,
                                             Entitlements entitlements)
Logical OR check. Use for coarse-grained authorization, for example to check whether a user may enter an admin page: the user may be entitled to access some but not all widgets on the page. User id parameter is supplied; the implicit Context object is _not_ assumed.
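
Added sketch, not Blackboard's code, modelling the semantics described in the method details above: entitlements aggregated from the system role and the course role, single checks that return false on null inputs, ANY as a page-level gate and ALL as a widget-level gate. The entitlement UIDs are constructed, the class and helper names are hypothetical, and denying on an empty list in hasAll is this sketch's choice, since the page does not say how the real method treats one.

```java
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;

public class EntitlementModel {
    // Effective entitlements are the union of system-role and course-role grants.
    static Set<String> effective(Set<String> systemRole, Set<String> courseRole) {
        Set<String> all = new HashSet<>();
        if (systemRole != null) all.addAll(systemRole);
        if (courseRole != null) all.addAll(courseRole); // null: no course membership
        return all;
    }

    // Fail closed: no user (null grants) or a null UID yields false.
    static boolean hasEntitlement(Set<String> granted, String uid) {
        return granted != null && uid != null && granted.contains(uid);
    }

    // Logical OR: coarse gate, e.g. "may this user enter the page at all?"
    static boolean hasAny(Set<String> granted, String[] uids) {
        if (uids == null) return false;
        for (String uid : uids) {
            if (hasEntitlement(granted, uid)) return true;
        }
        return false;
    }

    // Logical AND: fine gate, e.g. "may this user see this widget?"
    static boolean hasAll(Set<String> granted, String[] uids) {
        // Sketch's choice: an empty requirement list denies instead of passing vacuously.
        if (uids == null || uids.length == 0) return false;
        for (String uid : uids) {
            if (!hasEntitlement(granted, uid)) return false;
        }
        return true;
    }

    public static void main(String[] args) {
        // Constructed entitlement UIDs; not real Blackboard identifiers.
        Set<String> systemRole = new HashSet<>(Arrays.asList("demo.admin.panel.VIEW"));
        Set<String> courseRole = new HashSet<>(Arrays.asList("demo.course.grades.VIEW"));
        Set<String> granted = effective(systemRole, courseRole);
        String[] required = { "demo.admin.panel.VIEW", "demo.admin.users.MODIFY" };
        System.out.println("enter page (ANY):    " + hasAny(granted, required));
        System.out.println("render widget (ALL): " + hasAll(granted, required));
        System.out.println("null UID:            " + hasEntitlement(granted, null));
        System.out.println("no user:             " + hasAny(null, required));
    }
}
```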


getBundle

public static BbResourceBundle getBundle()
Returns the security ResourceBundle, based on the current context locale.



Copyright © 2003 Blackboard, Inc. All Rights Reserved.