Overview
AccessDeniedListener is an interface which you must implement to track when a user is denied access to a protected resource. It's simple to write and set up.
Source Code
import atg.userprofiling.AccessDeniedListener;
import atg.userprofiling.AccessDeniedEvent;
public class DeniedListener
extends atg.nucleus.GenericService
implements AccessDeniedListener
{
public DeniedListener()
{
}
public void accessDenied(AccessDeniedEvent evt)
{
if(isLoggingInfo())
{
logInfo("Access Denied: " + evt.getURL());
}
}
}
Configuration
Set up a global Component based on your DeniedListener, in this example we've called it
/training/sf/security/AccessDeniedListener
Set up any old access Controller, in this example we've used
/training/sf/security/MemberAccessController
$scope=global
allowGroups=members
deniedAccessURL=/
groupRegistry=/atg/registry/RepositoryGroups
Add your listener and the access controller to the /atg/userprofiling/AccessControlServlet configuration
accessControllers=/members\=/training/sf/security/MemberAccessController
deniedAccessURL=/
accessDeniedListeners+=/training/sf/security/AccessDeniedListener
Testing the Listener
Don't log in as a member!
Point your browser to http://localhost:8840/members.
You should be redirected to the doc root check the log for an info message from your listener
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment