UserRoleAuthorizationInterceptor (AppFuse Struts 2 Module 2.2.1 API)

java.lang.Object
- org.appfuse.webapp.interceptor.UserRoleAuthorizationInterceptor

All Implemented Interfaces:

com.opensymphony.xwork2.interceptor.Interceptor, Serializable
```
public class UserRoleAuthorizationInterceptor
extends Object
implements com.opensymphony.xwork2.interceptor.Interceptor
```
Security interceptor checks to see if users are in the specified roles before proceeding. Similar to Spring's UserRoleAuthorizationInterceptor.

Author:

Matt Raible

See Also:
org.springframework.web.servlet.handler.UserRoleAuthorizationInterceptor, Serialized Form

Constructor Summary

Constructors
Constructor and Description

UserRoleAuthorizationInterceptor()

Constructors
Constructor and Description
`UserRoleAuthorizationInterceptor()`

Method Summary

Methods
Modifier and Type	Method and Description
`void`	`destroy()` This method currently does nothing.
`protected void`	`handleNotAuthorized(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)` Handle a request that is not authorized according to this interceptor.
`void`	`init()` This method currently does nothing.
`String`	`intercept(com.opensymphony.xwork2.ActionInvocation invocation)` Intercept the action invocation and check to see if the user has the proper role.
`void`	`setAuthorizedRoles(String[] authorizedRoles)` Set the roles that this interceptor should treat as authorized.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - UserRoleAuthorizationInterceptor
```
public UserRoleAuthorizationInterceptor()
```
- Method Detail
  - intercept
```
public String intercept(com.opensymphony.xwork2.ActionInvocation invocation)
                 throws Exception
```
    Intercept the action invocation and check to see if the user has the proper role.
    
    Specified by:
    
    intercept in interface com.opensymphony.xwork2.interceptor.Interceptor
    
    Parameters:
    invocation - the current action invocation
    
    Returns:
    the method's return value, or null after setting HttpServletResponse.SC_FORBIDDEN
    
    Throws:
    
    Exception - when setting the error on the response fails
  - setAuthorizedRoles
```
public final void setAuthorizedRoles(String[] authorizedRoles)
```
    Set the roles that this interceptor should treat as authorized.
    
    Parameters:
    authorizedRoles - array of role names
  - handleNotAuthorized
```
protected void handleNotAuthorized(javax.servlet.http.HttpServletRequest request,
                       javax.servlet.http.HttpServletResponse response)
                            throws javax.servlet.ServletException,
                                   IOException
```
    Handle a request that is not authorized according to this interceptor. Default implementation sends HTTP status code 403 ("forbidden").
    This method can be overridden to write a custom message, forward or redirect to some error page or login page, or throw a ServletException.
    
    Parameters:
    request - current HTTP request
    response - current HTTP response
    
    Throws:
    
    javax.servlet.ServletException - if there is an internal error
    
    IOException - in case of an I/O error when writing the response
  - destroy
```
public void destroy()
```
    This method currently does nothing.
    
    Specified by:
    
    destroy in interface com.opensymphony.xwork2.interceptor.Interceptor
  - init
```
public void init()
```
    This method currently does nothing.
    
    Specified by:
    
    init in interface com.opensymphony.xwork2.interceptor.Interceptor

Class UserRoleAuthorizationInterceptor

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

UserRoleAuthorizationInterceptor

Method Detail

intercept

setAuthorizedRoles

handleNotAuthorized

destroy

init