public boolean decision(final Message message) {
if (!message.hasResource("Session")) return false;
else {
AuthSubject subject = getSession(message).getAttribute(AuthSubject.class, ErraiService.SESSION_AUTH_DATA);
if (subject == null) {
/**
* Inform the client they must login.
*/
if ("LoginClient".equals(message.getSubject())) {
/**
* Make an exception for the LoginClient ...
*/
return true;
}
// TODO: This reside with the "AuthenticationService" listener, no
// i.e. by forwarding to that subject. See ErraiServiceImpl
createMessage()
.toSubject("LoginClient")
.command(SecurityCommands.SecurityChallenge)
.with(SecurityParts.CredentialsRequired, "Name,Password")
.with(MessageParts.ReplyTo, ErraiService.AUTHORIZATION_SVC_SUBJECT)
.with(SecurityParts.RejectedMessage, ServerBusUtils.encodeJSON(message.getParts()))
.copyResource("Session", message)
.errorsHandledBy(new ErrorCallback() {
public boolean error(Message message, Throwable throwable) {
ErrorHelper.sendClientError(bus, message, throwable.getMessage(), throwable);
return false;
}
})
.sendNowWith(bus, false);
return false;
}
if (!subject.getRoles().containsAll(requiredRoles)) {
createConversation(message)
.toSubject("ClientErrorService")
.signalling()
.with(MessageParts.ErrorMessage, "Access denied to service: "
+ message.get(String.class, MessageParts.ToSubject) +