Package org.cometd.server

Class DefaultSecurityPolicy

java.lang.Object

org.cometd.server.DefaultSecurityPolicy

All Implemented Interfaces:

SecurityPolicy

public class DefaultSecurityPolicy
extends Object
implements SecurityPolicy

Constructor Summary

Constructors

Constructor	Description
DefaultSecurityPolicy()

Method Summary

Modifier and Type	Method	Description
boolean	canCreate(BayeuxServer server, ServerSession session, String channelId, ServerMessage message)	Checks if a message should be allowed to create a new channel.
boolean	canHandshake(BayeuxServer server, ServerSession session, ServerMessage message)	Checks if a handshake message should be accepted.
boolean	canPublish(BayeuxServer server, ServerSession session, ServerChannel channel, ServerMessage message)	Checks if a client can publish a message to a channel.
boolean	canSubscribe(BayeuxServer server, ServerSession session, ServerChannel channel, ServerMessage message)	Checks if a subscribe message from a client is allowed to subscribe to a channel.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

DefaultSecurityPolicy

public DefaultSecurityPolicy()

Method Details

canCreate

public boolean canCreate(BayeuxServer server, ServerSession session, String channelId, ServerMessage message)

Description copied from interface: SecurityPolicy

Checks if a message should be allowed to create a new channel.

A subscribe message or publish message to a channel not yet known to the server triggers this check. Both remote sessions and local sessions, when performing subscribes or publishes via ClientSessionChannel.subscribe(ClientSessionChannel.MessageListener) or ClientSessionChannel.publish(Object) are therefore subject to this check.

Direct calls to BayeuxServer.createChannelIfAbsent(String, ConfigurableServerChannel.Initializer...) are not subject to this check.

Specified by:

canCreate in interface SecurityPolicy

Parameters:

server - the BayeuxServer object

session - the client sending the message

channelId - the channel to be created

message - the message trying to create the channel

Returns:

true if the channel should be created

canHandshake

public boolean canHandshake(BayeuxServer server, ServerSession session, ServerMessage message)

Description copied from interface: SecurityPolicy

Checks if a handshake message should be accepted.

Both remote sessions and local sessions are subject to this check. Applications usually want local sessions (that is, server-side only sessions related to services) to always pass this check, so a typical implementation filters local session using ServerSession.isLocalSession().

Specified by:

canHandshake in interface SecurityPolicy

Parameters:

server - the BayeuxServer object

session - the session (not yet added to the BayeuxServer)

message - the handshake message

Returns:

true if the handshake message should be accepted and the ServerSession instance associated to the BayeuxServer object

canPublish

public boolean canPublish(BayeuxServer server, ServerSession session, ServerChannel channel, ServerMessage message)

Description copied from interface: SecurityPolicy

Checks if a client can publish a message to a channel.

Both remote and local sessions are subject to this check when performing publishes via ClientSessionChannel.publish(Object).

ServerChannel.publish(Session, Object) is not subject to this check.

Specified by:

canPublish in interface SecurityPolicy

Parameters:

server - the BayeuxServer object

session - the client sending the message

channel - the channel to publish to

message - the message to being published

Returns:

true if the client can publish to the channel

canSubscribe

public boolean canSubscribe(BayeuxServer server, ServerSession session, ServerChannel channel, ServerMessage message)

Description copied from interface: SecurityPolicy

Checks if a subscribe message from a client is allowed to subscribe to a channel.

Both remote and local sessions are subject to this check when performing subscribes via ClientSessionChannel.subscribe(ClientSessionChannel.MessageListener).

ServerChannel.subscribe(ServerSession) is not subject to this check.

Specified by:

canSubscribe in interface SecurityPolicy

Parameters:

server - the BayeuxServer object

session - the client sending the message

channel - the channel to subscribe to

message - the subscribe message

Returns:

true if the client can subscribe to the channel