I am developing an application with Play Framework 2.2 and Java I have implemented the authentication module just like the following tutorial http://www.playframework.com/documentation/2.1.0/JavaGuide4
In a nutshell implemented a class Secured as
public class Secured extends Security.Authenticator{
@Override
public String getUsername(Context ctx) {
return ctx.session().get("email");
}
@Override
public Result onUnauthorized(Context ctx) {
return redirect(routes.Users.login());
}
}
and then in controllers I added this line to the methods of controllers
@Security.Authenticated(Secured.class)
public static Result methodOfController(){
//some codes here
return ok( someView.render());
}
As you can see it's just authentication not authorization, for example it checks if user is logged in but never checks if this is email of admin
My question is this: How should I add access rights to these class, or namely how can I add authorization to this authentication
please provide me with a descriptive answer that shows what modifications should I make to this class, controllers and even some other parts of project ( maybe models ) to have a proper authorization
please don't provide links to websites or weblogs unless they are focused on a very similar issue