Velocity & Acegi

[todds]

Hi,
I'm interested in using Acegi for security in my system, however I'm not sure how it integrates with Velocity, since that's what I'm going to use rather than JSP. In the docs, this is quoted:

Code:

<authz&#58;authorize ifAllGranted="ROLE_SUPERVISOR">
  <td>
    <A HREF="del.htm?id=<c&#58;out value="$&#123;contact.id&#125;"/>">Del</A>
  </td>
</authz&#58;authorize>

I'm wondering if there is anything similar for velocity?

Thanks.

[Ben Alex]

You'll need to expose a Velocity helper that will access the ContextHolder (which is a ThreadLocal that holds the current Authentication).

[2devnull]

Any idea how this would be done. Any code example would help.

[Ben Alex]

You'd write a POJO and expose it via a VelocityView subclass that overrides exposeHelpers(Map, HttpServletRequest). The POJO will contain some code like this (NB: I haven't testing this):

Code:

public Authentication getAuthentication() {
  if (ContextHolder.getContext() != null && ContextHolder.getContext() instanceof SecureContext) {
    return ((SecureContext) ContextHolder.getContext()).getAuthentication();
  }
  return null;
}

public boolean isGranted(String role) {
  Authentication auth = getAuthentication();
  if (auth == null)
    return false;
  for &#40;int i=0; i < auth.getAuthorities&#40;&#41;.length; i++&#41; &#123;
    if &#40;role.equals&#40;auth.getAuthorities&#40;&#41;&#91;i&#93;.getAuthority&#40;&#41;&#41;&#41;
      return true;
  &#125;
  return false;
&#125;

I personally use FreeMarker, so I'm not 100% how to include the body of your macro in Velocity. In FreeMarker you'd do something like this:

Code:

<#macro granted authority>
  <#if acegiSecurityHelper.isGranted&#40;authority&#41;>
    <#nested>
  </#if>
</#macro>

HTH