org.glassfish.jersey.server.filter
Class RolesAllowedDynamicFeature
java.lang.Object
org.glassfish.jersey.server.filter.RolesAllowedDynamicFeature
- All Implemented Interfaces:
- javax.ws.rs.container.DynamicFeature
public class RolesAllowedDynamicFeature
- extends Object
- implements javax.ws.rs.container.DynamicFeature
A DynamicFeature supporting the javax.annotation.security.RolesAllowed,
javax.annotation.security.PermitAll and javax.annotation.security.DenyAll
on resource methods and sub-resource methods.
The SecurityContext is utilized, using the
SecurityContext.isUserInRole(String) method,
to ascertain if the user is in one
of the roles declared in by a @RolesAllowed. If a user is in none of
the declared roles then a 403 (Forbidden) response is returned.
If the @DenyAll annotation is declared then a 403 (Forbidden) response
is returned.
If the @PermitAll annotation is declared and is not overridden then
this filter will not be applied.
- Author:
- Paul Sandoz (paul.sandoz at oracle.com), Martin Matula (martin.matula at oracle.com)
|
Method Summary |
void |
configure(javax.ws.rs.container.ResourceInfo resourceInfo,
javax.ws.rs.core.FeatureContext configuration)
|
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
RolesAllowedDynamicFeature
public RolesAllowedDynamicFeature()
configure
public void configure(javax.ws.rs.container.ResourceInfo resourceInfo,
javax.ws.rs.core.FeatureContext configuration)
- Specified by:
configure in interface javax.ws.rs.container.DynamicFeature
Copyright © 2007-2013, Oracle and/or its affiliates. All Rights Reserved. Use is subject to license terms.