models.validators

Class BasicAuthValidator

lucee.Component
    extended by models.validators.BasicAuthValidator

Copyright since 2016 by Ortus Solutions, Corp www.ortussolutions.com --- This is the basic auth validator. It will talk to the configured authentication service for maintaining the valid users logged in and providing a logout mechanism. cbAuth leverages the `cbAuthUserService` when using this type of validator by default.

Class Attributes:
  • threadsafe
    •  
  • singleton
    •  
  • synchronized : false
    •  
  • accessors : false
    •  
  • persistent : false
    •  
    Property Summary
    type property default serializable required
    any cbSecurity


    • access = public
    • returntype = any
    • inject = CBSecurity@cbSecurity
    		 true false
    any log


    • access = public
    • returntype = any
    • inject = logbox:logger:{this}
    		 true false
    Method Summary
    struct annotationValidator(any securedValue, any controller)
         This function is called once access to a handler/action is detected.
    struct ruleValidator(any rule, any controller)
         This function is called once an incoming event matches a security rule.
    private any validateSecurity([any roles=''], [any permissions=''], any controller)
         Validate Security via CBAuth.
     
    Methods inherited from class lucee.Component
    None
    Property Detail

    cbSecurity

    property any cbSecurity

    Attributes:
    access - public
    required - false
    returntype - any
    inject - CBSecurity@cbSecurity
    serializable - true

    log

    property any log

    Attributes:
    access - public
    required - false
    returntype - any
    inject - logbox:logger:{this}
    serializable - true
    Method Detail

    annotationValidator

    public struct annotationValidator(any securedValue, any controller)

    This function is called once access to a handler/action is detected. You will receive the secured annotation value and an instance of the ColdBox Controller You must return a struct with three keys: - allow:boolean True, user can continue access, false, invalid access actions will ensue - type:string(authentication|authorization) The type of block that ocurred. Either an authentication or an authorization issue. - messages:string Info/debug messages

    Parameters:
    securedValue
    controller
    Returns:
    { allow:boolean, type:string(authentication|authorization), messages:string }

    ruleValidator

    public struct ruleValidator(any rule, any controller)

    This function is called once an incoming event matches a security rule. You will receive the security rule that matched and an instance of the ColdBox controller. You must return a struct with three keys: - allow:boolean True, user can continue access, false, invalid access actions will ensue - type:string(authentication|authorization) The type of block that ocurred. Either an authentication or an authorization issue. - messages:string Info/debug messages

    Parameters:
    rule
    controller
    Returns:
    { allow:boolean, type:string(authentication|authorization), messages:string }

    validateSecurity

    private any validateSecurity([any roles=''], [any permissions=''], any controller)

    Validate Security via CBAuth

    Parameters:
    roles - The roles you need to access
    permissions - The permissions you need to access
    controller - The ColdBox controller