org.neo4j.server.rest.security

Interface SecurityRule

All Known Subinterfaces:

ForbiddingSecurityRule

public interface SecurityRule

Field Summary

Fields

Modifier and Type	Field and Description
static String	DEFAULT_DATABASE_PATH

Method Summary

Methods

Modifier and Type	Method and Description
String	forUriPath()
boolean	isAuthorized(javax.servlet.http.HttpServletRequest request)
String	wwwAuthenticateHeader()

Field Detail

DEFAULT_DATABASE_PATH

static final String DEFAULT_DATABASE_PATH

Method Detail

isAuthorized

boolean isAuthorized(javax.servlet.http.HttpServletRequest request)

Parameters:

request - The HTTP request currently under consideration.

Returns:

true if the rule passes, false if the rule fails and the request is to be rejected with a "401 Unauthorized".

forUriPath

String forUriPath()

Returns:

the root of the URI path from which rules will be valid, e.g. /db/data will apply this rule to everything below the path /db/data It is possible to use * as a wildcard character in return values, e.g. /myExtension* will extend security coverage to everything under the /myExtension path. Similarly more complex path behavior can be specified with more wildcards, e.g.: /myExtension*myApplication*specialResources. Note that the wildcard represents any character (including the '/' character), meaning /myExtension/* is not the same as /myExtension* and implementers should take care to ensure their implementations are tested accordingly.

Final note: the only wildcard supported is '*' and there is no support for regular expression syntax.

wwwAuthenticateHeader

String wwwAuthenticateHeader()

Returns:

the opaque string representing the WWW-Authenticate header to which the rule applies. Will be used to formulate a 401 response code if the rule denies a request.