Friday Jan 17, 2014

Simple Security Mechanism for the NetBeans Platform

If you want a simple security mechanism for the NetBeans Platform, go here:

https://blogs.oracle.com/geertjan/resource/SecurityMechanism.zip 

Run the attached from NetBeans IDE 7.4. If you're not logged in as 'admin', there's no Admin menu. Otherwise, there is.

The @OnStart, i.e., this is the new way of doing ModuleInstall classes, no need to register in the Manifest:

@OnStart
public class Startable implements Runnable {

    @Override
    public void run() {
        NotifyDescriptor.InputLine nd = new NotifyDescriptor.InputLine("Name", "Login");
        //Got tired of typing it by hand:
        nd.setInputText("admin");
        Object response = DialogDisplayer.getDefault().notify(nd);
        if (response == NotifyDescriptor.OK_OPTION) {
            String username = nd.getInputText();
            NotifyDescriptor.Message msg;
            if (username.equals("admin")) {
                Authentication.setIsAuthenticated(true);
            } else {
                Authentication.setIsAuthenticated(false);
                FileObject admin = FileUtil.getConfigFile("Menu/Admin");
                if (admin != null) {
                    try {
                        admin.delete();
                        FileUtil.refreshAll();
                    } catch (IOException ex) {
                        Exceptions.printStackTrace(ex);
                    }
                }
            }
        } else {
            LifecycleManager.getDefault().exit();
        }
    }

}

The Authentication switch:

public class Authentication {

    static boolean isAuthenticated;

    public static boolean isIsAuthenticated() {
        return isAuthenticated;
    }

    public static void setIsAuthenticated(boolean isAuthenticated) {
        Authentication.isAuthenticated = isAuthenticated;
    }
    
}

The layer.xml:

<folder name="Actions">
    <folder name="Windows">
        <file name="org-demo-OpenSecurityAction.instance">
            <attr name="displayName" stringvalue="not used"/>
            <attr name="instanceCreate" newvalue="org.security.login.secure.SecretAdminAction"/>
        </file>
    </folder>
</folder>
<folder name="Menu">
    <folder name="Admin">
        <attr name="position" intvalue="1000"/>
        <file name="org-demo-OpenSecurityAction.shadow">
            <attr name="originalFile" stringvalue="Actions/Windows/org-demo-OpenSecurityAction.instance"/>
            <attr intvalue="0" name="position"/>
        </file>
    </folder>
</folder>

The secret Admin Action:

public final class SecretAdminAction extends AbstractAction implements Presenter.Menu {

    @Override
    public void actionPerformed(ActionEvent e) {
        //not used, set actions on menu items instead
    }

    @Override
    public JMenuItem getMenuPresenter() {
        JMenu menu = new JMenu("User Administration");
        if (!Authentication.isIsAuthenticated()) {
            menu.setVisible(false);
        } else {
            menu.add(new JMenuItem("Show Users"));
            menu.add(new JMenuItem("Change Users"));
        }
        return menu;
    }

}
About

Geertjan Wielenga (@geertjanw) is a Principal Product Manager in the Oracle Developer Tools group living & working in Amsterdam. He is a Java technology enthusiast, evangelist, trainer, speaker, and writer. He blogs here daily.

The focus of this blog is mostly on NetBeans (a development tool primarily for Java programmers), with an occasional reference to NetBeans, and sometimes diverging to topics relating to NetBeans. And then there are days when NetBeans is mentioned, just for a change.

Search

Archives
« January 2014 »
SunMonTueWedThuFriSat
   
26
 
       
Today