Creating the Permission Class for the JSP

Use

The next step in specifying which activities are to be protected with authorizations, you need to create a permission class to use for your application. (See Permission Class for Your Application.)

For this part of the tutorial, you will implement an extension of the NamePermission class to protect access to the JSP application.

Prerequisites

The J2EE Development perspective is displayed in the SAP NetWeaver Developer Studio.

The quick car rental application’s Web client project, J2EE_QuickCarRentalWeb, is displayed in the J2EE Explorer.

Procedure

...

       1.      Select the J2EE_QuickCarRentalWeb project, open the context menu and choose New  ® Java Class…

The New Java Class dialog appears.

       2.      Enter com.sap.engine.examples.permissions in the Package: field.

       3.      Enter QuickReservationPermission in the Name: field.

       4.      Enter com.sap.security.api.permissions.NamePermission in the Superclass field (or use the Browse... function).

       5.      For the method stubs, select Constructors from superclass and Inherited abstract methods. See the figure below.

       6.      Choose Finish to continue.

The Developer Studio creates the QuickReservationPermission, which extends the NamePermissionclass.

       7.      In the code for the permission class change the argument arg0 to name and the argument arg1 to action throughout the class.

       8.      Delete the // TODO Auto-generated constructor stub lines.

       9.      Save the file.

Result

The Java class QuickReservationPermission is created. See the code sample below.

package com.sap.engine.examples.permissions;

import com.sap.security.api.permissions.NamePermission;

public class QuickReservationPermission extends NamePermission {

   /**
    
* @param name
    
*/

  
public QuickReservationPermission(String name) {
     
super(name);
   }

   /**
    
* @param name
  
 * @param action
    
*/

  
public QuickReservationPermission(String name, String action) {
     
super(name, action);
   }
}

Next Step:

Checking the Permission in the Application