Package org.restlet.security
Class Authorizer
java.lang.Object
org.restlet.Restlet
org.restlet.routing.Filter
org.restlet.security.Authorizer
- All Implemented Interfaces:
Uniform
- Direct Known Subclasses:
ConfidentialAuthorizer,MethodAuthorizer,RoleAuthorizer
Filter authorizing inbound request. It can be attached to protect a set of
downstream
Restlet and ServerResource objects.- Author:
- Jerome Louvel
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final AuthorizerAuthorizer returning true all the time.static final AuthorizerAuthorizer returning true for all authenticated requests.static final AuthorizerAuthorizer returning false all the time. -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected abstract booleanAttempts to authorize the request.protected intauthorized(Request request, Response response) Invoked upon successful authorization.protected intbeforeHandle(Request request, Response response) Allows filtering before processing by the next Restlet.Returns the identifier unique within an application.voidsetIdentifier(String identifier) Sets the identifier unique within an application.protected intunauthorized(Request request, Response response) Invoked upon failed authorization.Methods inherited from class org.restlet.routing.Filter
afterHandle, doHandle, getNext, handle, hasNext, setNext, setNext, start, stopMethods inherited from class org.restlet.Restlet
createFinder, finalize, getApplication, getAuthor, getContext, getDescription, getFinderClass, getLogger, getName, getOwner, handle, handle, handle, isStarted, isStopped, setAuthor, setContext, setDescription, setFinderClass, setName, setOwner
-
Field Details
-
ALWAYS
Authorizer returning true all the time. -
AUTHENTICATED
Authorizer returning true for all authenticated requests. For unauthenticated requests, it sets the response's status toStatus.CLIENT_ERROR_UNAUTHORIZEDinstead of the defaultStatus.CLIENT_ERROR_FORBIDDEN.- See Also:
-
NEVER
Authorizer returning false all the time.
-
-
Constructor Details
-
Authorizer
public Authorizer()Default constructor. -
Authorizer
Constructor.- Parameters:
identifier- The identifier unique within an application.
-
-
Method Details
-
authorize
Attempts to authorize the request.- Parameters:
request- The request sent.response- The response to update.- Returns:
- True if the authorization succeeded.
-
authorized
Invoked upon successful authorization. ReturnsFilter.CONTINUEby default.- Parameters:
request- The request sent.response- The response to update.- Returns:
- The filter continuation code.
-
beforeHandle
Description copied from class:FilterAllows filtering before processing by the next Restlet. ReturnsFilter.CONTINUEby default.- Overrides:
beforeHandlein classFilter- Parameters:
request- The request to handle.response- The response to update.- Returns:
- The continuation status. Either
Filter.CONTINUEorFilter.SKIPorFilter.STOP.
-
getIdentifier
Returns the identifier unique within an application.- Returns:
- The identifier unique within an application.
-
setIdentifier
Sets the identifier unique within an application.- Parameters:
identifier- The identifier unique within an application.
-
unauthorized
Invoked upon failed authorization. Sets the status toStatus.CLIENT_ERROR_FORBIDDENand returnsFilter.STOPby default.- Parameters:
request- The request sent.response- The response to update.- Returns:
- The filter continuation code.
-