Permission Class for Your Application


Permission class for checking permissions in your application. This class extends the abstract class.


Implement this permission class to check for authorizations in your application. You have two options for implementing this class:

·        You can implement a permission class that extends one of the predefined classes provided by the UME.

·        You can implement a permission class that extends the class. In this case, you also have to implement the corresponding constructors and methods.

Implementation Using Predefined Classes

We provide several predefined classes that you can use instead of implementing these constructors and methods directly. See the table below:

Predefined Permissions




This permission class maps a permission name to a single action, for example:



This permission class maps a permission name to multiple actions, for example:

Name=”Reservation”, Action=”view”
Name=”Reservation”, Action=”create”
Name=”Reservation”, Action=”cancel”


This permission class maps a permission name to a value, for example:

Name=”Value”, Action=”25”
Name=”Min”, Action=”>50”
Name=”Max”, Action=”<100”

Implementation Using BasicPermission

If you do not use one of these predefined permission classes, implement a class that extends the class. In this case, you have to implement the constructors and the abstract methods accordingly.

·        Constructors

In your class, implement both constructors from the BasicPermission class. These are Name (string name)and Name (string name, string action).

·        Methods

The most important method that applies to your application’s permission class is implies (permission perm).

See the documentation for and class for a complete list of the available methods.


Checking the Permissions

To check the permissions in your code, you can use either of the following methods:

·        checkPermission()

Checks whether the user is allowed to do the specific operation. If not, this is logged and an exception is thrown. Use this method to enforce that the user has the permission before performing a specific task.

·        hasPermission()

Similar to checkPermission(), but this method returns true or false instead of throwing an exception. Also, no logging occurs. Use this method to make decisions based on permissions, but without causing errors, for example, to hide areas on a page.


See the following examples:

Example 1: Name Permission

public class TestPermission extends NamePermission {
public TestPermission(String name)
super(name, null);

Example 2: Action Permission

public class TestPermission extends ActionPermission {
public TestPermission(String name, String action)
super(name, action);

Example 3: Checking an Action Permission using checkPermission

      try {

         user.checkPermission(new TestPermission("Reservation", "create"));


         <code to execute if successful>;


      } catch (AccessControlException e) {

         <error handling>;