Differences

This shows you the differences between two versions of the page.

--- auth:ex2 [2007/02/26 17:00] – created bdefrain
+++ auth:ex2 [2021/02/05 13:47] (current) – external edit 127.0.0.1
@@ Line 1: / Line 1: @@
-====== Authentication: Enforce Access Control ======
+[[auth:intro|Intro]]
+[[auth:ex1|Ex1]]
+[[auth:ex2|Ex2]]
+[[auth:ex3|Ex3]]
+[[auth:ex4|Ex4]]====== Authentication: Enforce authenticated user ======
+Extend your aspect to enforce an authenticated user when ''@Authenticated'' methods or constructors are executed.
+To model the authentication, we will present the user with an input dialog where he/she can select the role. (This is of course a simplification: in production, we would of course have to prompt for login and password and verify these against a password database.)
+The code to manage the current role for the user and to present the authentication dialog is shown here:
+<code aspectj>
+import javax.swing.JOptionPane;
+import figures.annotations.Authenticated;
+public aspect AccessControl {
+  ...
+  Authenticated.Role role;
+  public void authenticate() {
+    role = (Authenticated.Role)
+      JOptionPane.showInputDialog(null,
+        "Select role", "Input",
+        JOptionPane.INFORMATION_MESSAGE, null,
+        Authenticated.Role.values(), role);
+  }
+  ...
+}
+</code>
+As long as the user is not authenticated, we keep presenting him the authentication dialog. In other words, the actual access control check can be as simple as:
+<code aspectj>
+while(role == null)
+  authenticate();
+</code>
+After implementing the aspect, run the figure editor. You should be presented with the authentication dialog upon drawing the first point. Afterwards, new points can be added without interruption.
+----
+Continue with [[auth:ex3|Exercise 3]].