X

Geertjan's Blog

  • January 17, 2014

Simple Security Mechanism for the NetBeans Platform

Geertjan Wielenga
Product Manager

If you want a simple security mechanism for the NetBeans Platform, go here:

https://blogs.oracle.com/geertjan/resource/SecurityMechanism.zip 

Run the attached from NetBeans IDE 7.4. If you're not logged in as 'admin', there's no Admin menu.
Otherwise, there is.

The @OnStart, i.e., this is the new way of doing ModuleInstall classes, no need to register in the Manifest:

@OnStart
public class Startable implements Runnable {
@Override
public void run() {
NotifyDescriptor.InputLine nd = new NotifyDescriptor.InputLine("Name", "Login");
//Got tired of typing it by hand:
nd.setInputText("admin");
Object response = DialogDisplayer.getDefault().notify(nd);
if (response == NotifyDescriptor.OK_OPTION) {
String username = nd.getInputText();
NotifyDescriptor.Message msg;
if (username.equals("admin")) {
Authentication.setIsAuthenticated(true);
} else {
Authentication.setIsAuthenticated(false);
FileObject admin = FileUtil.getConfigFile("Menu/Admin");
if (admin != null) {
try {
admin.delete();
FileUtil.refreshAll();
} catch (IOException ex) {
Exceptions.printStackTrace(ex);
}
}
}
} else {
LifecycleManager.getDefault().exit();
}
}
}

The Authentication switch:

public class Authentication {
static boolean isAuthenticated;
public static boolean isIsAuthenticated() {
return isAuthenticated;
}
public static void setIsAuthenticated(boolean isAuthenticated) {
Authentication.isAuthenticated = isAuthenticated;
}
}

The layer.xml:

<folder name="Actions">
<folder name="Windows">
<file name="org-demo-OpenSecurityAction.instance">
<attr name="displayName" stringvalue="not used"/>
<attr name="instanceCreate" newvalue="org.security.login.secure.SecretAdminAction"/>
</file>
</folder>
</folder>
<folder name="Menu">
<folder name="Admin">
<attr name="position" intvalue="1000"/>
<file name="org-demo-OpenSecurityAction.shadow">
<attr name="originalFile" stringvalue="Actions/Windows/org-demo-OpenSecurityAction.instance"/>
<attr intvalue="0" name="position"/>
</file>
</folder>
</folder>

The secret Admin Action:

public final class SecretAdminAction extends AbstractAction implements Presenter.Menu {
@Override
public void actionPerformed(ActionEvent e) {
//not used, set actions on menu items instead
}
@Override
public JMenuItem getMenuPresenter() {
JMenu menu = new JMenu("User Administration");
if (!Authentication.isIsAuthenticated()) {
menu.setVisible(false);
} else {
menu.add(new JMenuItem("Show Users"));
menu.add(new JMenuItem("Change Users"));
}
return menu;
}
}

Join the discussion

Comments ( 2 )
  • Oliver Rettig Saturday, January 18, 2014

    Hi Geertjan,

    thanks for the hint. Its nice to use the @OnStart annotation :-)

    best regards

    Oliver


  • guest Saturday, March 15, 2014

    It is unclear to me how to enforce the login across modules. Can you elaborate or provide an example?

    Thanks.


Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.