Power of Two: pow2acl tag library

Version: 1.0

Overview
Requirements
Configuration
Tag Summary
Tag Reference
Examples
Javadocs

Overview

The pow2acl taglib library provides tag to call the authentication methods of the Pow2ACL package. See the Power of Two Homepage for details.

This JSP tag library can be used to control access in your JSP pages or in part of them

Requirements

This custom tag library requires no software other than a servlet container that supports the JavaServer Pages Specification, version 1.1 or higher. See the Pow2ACL documentation for requirements and installation info of this package.

Configuration

Follow these steps to configure your web application with this tag library:

Copy the tag library descriptor file to the /WEB-INF subdirectory of your web application.
Copy the tag library JAR file to the /WEB-INF/lib subdirectory of your web application.

Add a <taglib> element to your web application deployment descriptor in /WEB-INF/web.xml like this:

<taglib>
  <taglib-uri>/WEB-INF/pow2acl.tld</taglib-uri>
  <taglib-location>/WEB-INF/tld/pow2acl.tld</taglib-location>
</taglib>

To use the tags from this library in your JSP pages, add the following directive at the top of each page:

<%@ taglib uri="/WEB-INF/pow2acl.tld" prefix="acl" %>

where "acl" is the tag name prefix you wish to use for tags from this library. You can change this value to any prefix you like.

Tag Summary

hasUserPermission	Permission checking tag. You can control the access to a resource in your JSP page, checking the permission and optionally the group of the current user in session. Valid permission or group names are the same present into the pow2ACL database.
isUserInRole	Role checking tag. You can control the access to a resource in your JSP page, checking the role and optionally the group of the current user in session. Valid role or group names are the same present into the pow2ACL database.
isUserInGroup	Group checking tag. You can control the access to a resource in your JSP page, checking the group of the current user in session. Valid group names are the same present into the pow2ACL database.
isUserAuthenticated	Authentication checking tag. You can control the access to a resource in your JSP page, checking the authentication of the current user in session. Valid authenticated entries are presented into the pow2ACL database.

Tag Reference

hasUserPermission

Availability: version 1.0

Permission checking tag. You can control the access to a resource in your JSP page, checking the permission and optionally the group of the current user in session. Valid permission or group names are the same present into the pow2ACL database.

Tag Class com.pow2.acl.taglib.HasUserPermissionTag

Tag Body JSP

Script Variable No

Restrictions None

Attributes

Name	Required	Runtime Expression Evaluation
permission	true	true
The permission name.
group	false	true
The group name.
value	false	true
If value is set to false this tag includes body of tag only if user is NOT authenticated or if he / she has NOT got the declared permission. Default is true.

Example

<%-- You can use this tag to process the part of the the tag body JSP declarations only if the current user is a trusted user and he / she has got the declared permission and group. --%>


            
             <acl:hasUserPermission permission="DBAadmin" group="admin">
              <a href="deleteTable.jsp">delete table</a>
             </acl:hasUserPermission>

             <acl:hasUserPermission permission="DBAadmin" value="false">
              <a href="login.jsp">login</a>
             </acl:hasUserPermission>

isUserInRole

Availability: version 1.0

Role checking tag. You can control the access to a resource in your JSP page, checking the role and optionally the group of the current user in session. Valid role or group names are the same present into the pow2ACL database.

Tag Class com.pow2.acl.taglib.IsUserInRoleTag

Tag Body JSP

Script Variable No

Restrictions None

Attributes

Name	Required	Runtime Expression Evaluation
role	true	true
The role name.
group	false	true
The group name.
value	false	true
If value is set to false this tag includes body of tag only if user is NOT authenticated OR if he / she does NOT belong to the declared role and group (if specified). Default is true.

Example

<%-- You can use this tag to process the part of the the tag body JSP declarations only if the current user is a trusted user and he / she has got the declared role and group --%>


            
            <h1>Store menu</h1>
              <a href="store.jsp">view store items</a>
              <a href="cart.jsp">view basket content</a>

              <acl:isUserInRole role="admin" value="false">
                <a href="login.jsp">login as administrator</a>
              </acl:isUserInRole>

              <acl:isUserInRole role="admin">
                <a href="admin/index.jsp">admin store items</a>
              </acl:isUserInRole>

isUserInGroup

Availability: version 1.0

Group checking tag. You can control the access to a resource in your JSP page, checking the group of the current user in session. Valid group names are the same present into the pow2ACL database.

Tag Class com.pow2.acl.taglib.IsUserInGroupTag

Tag Body JSP

Script Variable No

Restrictions None

Attributes

Name	Required	Runtime Expression Evaluation
group	true	true
The group name.
value	false	true
If value is set to false this tag includes body of tag only if user is NOT authenticated OR if he / she does NOT belong to the declared group. Default is true.

Example

<%-- You can use this tag to process the part of the the tag body JSP declarations only if the current user is a trusted user and belongs to the declared group. --%>


            
              <acl:isUserInGroup group="guest">
                <b>restricted area!</b>.
                You must register to access this content.<br>
                <a href="register.jsp">go to registration form</a>
              </acl:isUserInGroup>

              or, you can declare:

              <acl:isUserInGroup group="member" value="false">
                <b>restricted area!</b>.
                You must register to access this content.<br>
                <a href="register.jsp">go to registration form</a>
              </acl:isUserInGroup>

              <acl:isUserInGroup group="member">
                <b>welcome to member area!</b>
                <!-- member area content here .... -->
              </acl:isUserInGroup>

isUserAuthenticated

Availability: version 1.0

Authentication checking tag. You can control the access to a resource in your JSP page, checking the authentication of the current user in session. Valid authenticated entries are presented into the pow2ACL database.

Tag Class com.pow2.acl.taglib.IsUserAuthenticatedTag

Tag Body JSP

Script Variable No

Restrictions None

Attributes

Name	Required	Runtime Expression Evaluation
value	false	true
If value is set to false this tag includes body of tag only if user is NOT authenticated. Default is true.

Example

<%-- You can use this tag to process the part of the the tag body JSP declarations only if the current user is a trusted user. --%>


              
                <acl:isUserAuthenticated/>
                  <a href="userAccount.jsp">user account</a>
                </acl:isUserAuthenticated>

                <acl:isUserAuthenticated value="false"/>
                  <a href="register.jsp">register</a>
                </acl:isUserAuthenticated>

Examples

See the provided web application for examples of the usage of the tags from this custom tag library.

Java Docs

Java programmers can view the java class documentation for this tag library as javadocs.

Power of Two: pow2acl tag library

Version: 1.0

Table of Contents

Overview

Requirements

Configuration

Tag Summary

Tag Reference

Examples

Java Docs