org.neo4j.server.rest.security
Interface SecurityRule
public interface SecurityRule
DEFAULT_DATABASE_PATH
static final String DEFAULT_DATABASE_PATH
- See Also:
- Constant Field Values
isAuthorized
boolean isAuthorized(javax.servlet.http.HttpServletRequest request)
- Parameters:
request - The HTTP request currently under consideration.
- Returns:
true if the rule passes, false if the
rule fails and the request is to be rejected.
forUriPath
String forUriPath()
- Returns:
- the root of the URI path from which rules will be valid, e.g.
/db/data will apply this rule to everything below
the path /db/data It is possible to use * as a
wildcard character in return values, e.g.
/myExtension* will extend security coverage to
everything under the /myExtension path. Similarly
more complex path behavior can be specified with more wildcards,
e.g.: /myExtension*myApplication*specialResources.
Note that the wildcard represents any character (including the
'/' character), meaning /myExtension/* is not the
same as /myExtension* and implementers should take
care to ensure their implementations are tested accordingly.
Final note: the only wildcard supported is '*' and there is no
support for regular expression syntax.
wwwAuthenticateHeader
String wwwAuthenticateHeader()
- Returns:
- the opaque string representing the WWW-Authenticate header to
which the rule applies. Will be used to formulate a
401 response code if the rule denies a request.
Copyright © 2002-2014 The Neo4j Graph Database Project. All Rights Reserved.