Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.glassfish.jersey.server.filter
Class RolesAllowedDynamicFeature

java.lang.Object
  extended by org.glassfish.jersey.server.filter.RolesAllowedDynamicFeature
All Implemented Interfaces:
DynamicFeature
public class RolesAllowedDynamicFeature
extends Object
implements DynamicFeature

A DynamicFeature supporting the javax.annotation.security.RolesAllowed, javax.annotation.security.PermitAll and javax.annotation.security.DenyAll on resource methods and sub-resource methods.

The SecurityContext is utilized, using the SecurityContext.isUserInRole(String) method, to ascertain if the user is in one of the roles declared in by a @RolesAllowed. If a user is in none of the declared roles then a 403 (Forbidden) response is returned.

If the @DenyAll annotation is declared then a 403 (Forbidden) response is returned.

If the @PermitAll annotation is declared and is not overridden then this filter will not be applied.

Author:
Paul Sandoz (paul.sandoz at oracle.com), Martin Matula (martin.matula at oracle.com)

Constructor Summary
RolesAllowedDynamicFeature()
           
 
Method Summary
 void configure(ResourceInfo resourceInfo, Configurable configurable)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

RolesAllowedDynamicFeature

public RolesAllowedDynamicFeature()
Method Detail

configure

public void configure(ResourceInfo resourceInfo,
                      Configurable configurable)
Specified by:
configure in interface DynamicFeature
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2007-2012 Oracle Corporation. All Rights Reserved. Use is subject to license terms.