Package org.apache.unomi.rest.authentication

Class AuthorizingInterceptor

java.lang.Object
org.apache.cxf.phase.AbstractPhaseInterceptor<org.apache.cxf.message.Message>
org.apache.cxf.interceptor.security.AbstractAuthorizingInInterceptor
org.apache.cxf.interceptor.security.SimpleAuthorizingInterceptor
org.apache.unomi.rest.authentication.AuthorizingInterceptor
All Implemented Interfaces:
org.apache.cxf.interceptor.Interceptor<org.apache.cxf.message.Message>, org.apache.cxf.phase.PhaseInterceptor<org.apache.cxf.message.Message>
public class AuthorizingInterceptor extends org.apache.cxf.interceptor.security.SimpleAuthorizingInterceptor
Authorizing interceptor is in charge of testing that current authenticate user have the expected role during method access

  • Field Summary

    Fields inherited from class org.apache.cxf.interceptor.security.SimpleAuthorizingInterceptor

    globalRoles, methodRolesMap, userRolesMap

  • Constructor Summary

    Constructors
    Constructor
    Description
    AuthorizingInterceptor(RestAuthenticationConfig restAuthenticationConfig)
     

  • Method Summary

    Modifier and Type
    Method
    Description
    protected List<String>
    getExpectedRoles(Method method)
    Returns a list of expected roles for a given method.

    Methods inherited from class org.apache.cxf.interceptor.security.SimpleAuthorizingInterceptor

    createMethodSig, isUserInRole, setCheckConfiguredRolesOnly, setGlobalRoles, setMethodRolesMap, setUserRolesMap

    Methods inherited from class org.apache.cxf.interceptor.security.AbstractAuthorizingInInterceptor

    authorize, getDenyRoles, handleMessage, isAllowAnonymousUsers, isMethodProtected, setAllowAnonymousUsers

    Methods inherited from class org.apache.cxf.phase.AbstractPhaseInterceptor

    addAfter, addAfter, addBefore, addBefore, getAdditionalInterceptors, getAfter, getBefore, getId, getPhase, handleFault, isGET, isRequestor, setAfter, setBefore

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details

  • Method Details

    • getExpectedRoles

      protected List<String> getExpectedRoles(Method method)
      Returns a list of expected roles for a given method. This override provide an additional lookup to the default implementation It's now possible resolve role mapping using this syntax: CLASS_NAME.METHOD_NAME
      Overrides:
      getExpectedRoles in class org.apache.cxf.interceptor.security.SimpleAuthorizingInterceptor
      Parameters:
      method - Method
      Returns:
      list, empty if no roles are available