uklance edited this page Nov 15, 2012 · 10 revisions

Security can be added to your topics via custom authorizers, which fire on every client subscription attempt. Each authorizer configuration must specify a topic, and the authorizer passes or fails an authorization attempt by returning a boolean from isAuthorized(PushSession).

Configuration at application startup

Authorizers can be contributed via your Tapestry application's IOC Module.

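public static void contributeAuthorizers(
    OrderedConfiguration<AuthorizerContribution> config,
    final MyAuthorizationService authService,
    final ApplicationStateManager asm)
{
    Authorizer myAuthorizer = new Authorizer() {
        // Called on every subscription attempt; returning false fails the attempt.
        public boolean isAuthorized(PushSession pushSession) {
            // getIfExists returns null when the session holds no User,
            // so authService must treat a null user as unauthenticated.
            User user = asm.getIfExists(User.class);
            return authService.isAuthorized(user, pushSession.getTopic());
        }
    };
    // "/**" is the topic the authorizer is registered against.
    AuthorizerContribution contribution = new AuthorizerContribution("/**", myAuthorizer);
    // "before:*" orders this contribution ahead of all others.
    config.add("myAuthorizer", contribution, "before:*");
}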

Runtime configuration

Authorizers can be added and removed at runtime via the Authorizers service.

@Inject 
private Authorizers authorizers;

@Inject
private ApplicationStateManager asm;

@Inject
private MyAuthorizationService authService;

private Authorizer myAuthorizer;

// Registers the authorizer once; synchronized so concurrent calls cannot add it twice.
public synchronized void doAdd() {
    if (myAuthorizer == null) {
        myAuthorizer = new Authorizer() {
            public boolean isAuthorized(PushSession pushSession) {
                // user is null when the session holds no User object.
                User user = asm.getIfExists(User.class);
                return authService.isAuthorized(user, pushSession.getTopic());
            }
        };
        authorizers.addAuthorizer("/**", myAuthorizer);
    }
}

public synchronized void doRemove() {
    if (myAuthorizer != null) {
        authorizers.removeAuthorizer("/**", myAuthorizer);
        myAuthorizer = null;
    }
}
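
One way the MyAuthorizationService that both snippets delegate to could make its decision, shown as an added example that is not part of the original page or of the library: it fails closed when no User exists in the session and denies any topic that no rule covers. The User record, the role names and the topic prefixes are assumptions constructed for illustration (Java 16 or later).

```java
import java.util.Map;
import java.util.Set;

// Hypothetical stand-ins for the User and MyAuthorizationService types the page
// references but does not define; none of this is library API.
public class TopicPolicyExample {

    record User(String name, Set<String> roles) {}

    static class MyAuthorizationService {
        // Constructed sample policy: topic prefix -> role required to subscribe.
        private final Map<String, String> requiredRole = Map.of(
            "/admin/", "ADMIN",
            "/chat/", "MEMBER");

        public boolean isAuthorized(User user, String topic) {
            // The authorizer passes null when the session holds no User: fail closed.
            if (user == null || topic == null) {
                return false;
            }
            // Reject malformed topic strings outright instead of trying to normalise them.
            if (!topic.startsWith("/") || topic.contains("..") || topic.contains("//")) {
                return false;
            }
            // A user may always subscribe to their own private topic subtree.
            if (topic.startsWith("/user/" + user.name() + "/")) {
                return true;
            }
            for (Map.Entry<String, String> rule : requiredRole.entrySet()) {
                if (topic.startsWith(rule.getKey())) {
                    return user.roles().contains(rule.getValue());
                }
            }
            // No rule matched: deny by default.
            return false;
        }
    }

    public static void main(String[] args) {
        MyAuthorizationService auth = new MyAuthorizationService();
        User alice = new User("alice", Set.of("MEMBER"));
        String[] topics = {"/chat/lobby", "/admin/audit", "/user/alice/inbox", "/user/bob/inbox", "/unlisted"};
        for (String topic : topics) {
            System.out.println("alice -> " + topic + ": " + auth.isAuthorized(alice, topic));
        }
        System.out.println("no session user -> /chat/lobby: " + auth.isAuthorized(null, "/chat/lobby"));
    }
}
```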