UserRoleAuthorizationInterceptor (AppFuse Struts 2 Module 2.0-m2 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.appfuse.webapp.interceptor
Class UserRoleAuthorizationInterceptor

java.lang.Object
  org.appfuse.webapp.interceptor.UserRoleAuthorizationInterceptor

All Implemented Interfaces:: com.opensymphony.xwork2.interceptor.Interceptor, java.io.Serializable

public class UserRoleAuthorizationInterceptor
extends java.lang.Object
implements com.opensymphony.xwork2.interceptor.Interceptor
extends java.lang.Object
implements com.opensymphony.xwork2.interceptor.Interceptor

Security interceptor checks to see if users are in the specified roles before proceeding. Similar to Spring's UserRoleAuthorizationInterceptor.

View Source

Author:: Matt Raible
See Also:: org.springframework.web.servlet.handler.UserRoleAuthorizationInterceptor, Serialized Form

Constructor Summary
`UserRoleAuthorizationInterceptor()`

Method Summary
`void`	`destroy()`
`protected void`	`handleNotAuthorized(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)` Handle a request that is not authorized according to this interceptor.
`void`	`init()`
`java.lang.String`	`intercept(com.opensymphony.xwork2.ActionInvocation invocation)`
`void`	`setAuthorizedRoles(java.lang.String[] authorizedRoles)` Set the roles that this interceptor should treat as authorized.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

UserRoleAuthorizationInterceptor

public UserRoleAuthorizationInterceptor()

Method Detail

intercept

public java.lang.String intercept(com.opensymphony.xwork2.ActionInvocation invocation)
                           throws java.lang.Exception

Specified by:: intercept in interface com.opensymphony.xwork2.interceptor.Interceptor

Throws:: java.lang.Exception

setAuthorizedRoles

public final void setAuthorizedRoles(java.lang.String[] authorizedRoles)

Set the roles that this interceptor should treat as authorized.

Parameters:: authorizedRoles - array of role names

handleNotAuthorized

protected void handleNotAuthorized(javax.servlet.http.HttpServletRequest request,
                                   javax.servlet.http.HttpServletResponse response)
                            throws javax.servlet.ServletException,
                                   java.io.IOException

Handle a request that is not authorized according to this interceptor. Default implementation sends HTTP status code 403 ("forbidden").

This method can be overridden to write a custom message, forward or redirect to some error page or login page, or throw a ServletException.

Parameters:: request - current HTTP request; response - current HTTP response; handler - chosen handler to execute, for type and/or instance evaluation
Throws:: javax.servlet.ServletException - if there is an internal error; java.io.IOException - in case of an I/O error when writing the response

destroy

public void destroy()

Specified by:: destroy in interface com.opensymphony.xwork2.interceptor.Interceptor

init

public void init()

Specified by:: init in interface com.opensymphony.xwork2.interceptor.Interceptor