Sample: Command-level access control policy for new controller commands
Controller commands require access control policies in order to meet the requirements of the access control framework. If you create a new controller command, the name of the command's interface is specified as a resource. The following XML snip can be modified for your new command and loaded using the acpload command:
<?xml version="1.0" encoding="ISO-8859-1" standalone="no" ?>
<!DOCTYPE Policies SYSTEM "../dtd/accesscontrolpolicies.dtd">
<Policies>
<Action Name="ExecuteCommand"
CommandName="Execute">
</Action>
<ResourceCategory Name="com.yourcompany.yourpackage.commands.YourControllerCmdResourceCategory"
ResourceBeanClass="com.yourcompany.yourpackage.commands.YourControllerCmd">
<ResourceAction Name="ExecuteCommand"/>
</ResourceCategory>
<ResourceGroup Name="AllSiteUserCmdResourceGroup" OwnerID="RootOrganization">
<ResourceGroupResource Name="com.yourcompany.yourpackage.commands.YourControllerCmdResourceCategory" />
</ResourceGroup>
</Policies>
Where:
- com.yourcompany.yourpackage.commands
- represents your packaging structure
- YourControllerCmd
- represents the name of your new controller command
As an example, the following XML file is used to load the access control policy for a new controller command that is created in a tutorial contained in this book.
<?xml version="1.0" encoding="ISO-8859-1" standalone="no" ?> <!DOCTYPE Policies SYSTEM "../dtd/accesscontrolpolicies.dtd"> <Policies> <Action Name="ExecuteCommand" CommandName="Execute"> </Action> <ResourceCategory Name="com.ibm.commerce.sample.commands.MyNewControllerCmdResourceCategory" ResourceBeanClass="com.ibm.commerce.sample.commands.MyNewControllerCmd"> <ResourceAction Name="ExecuteCommand"/> </ResourceCategory> <ResourceGroup Name="AllSiteUserCmdResourceGroup" OwnerID="RootOrganization"> <ResourceGroupResource Name="com.ibm.commerce.sample.commands.MyNewControllerCmdResourceCategory" /> </ResourceGroup> </Policies>