Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.tynamo.security.shiro.authz
Class RolesAuthorizationFilter

java.lang.Object
  extended by org.apache.shiro.web.servlet.ServletContextSupport
      extended by org.apache.shiro.web.servlet.AbstractFilter
          extended by org.apache.shiro.web.servlet.NameableFilter
              extended by org.apache.shiro.web.servlet.OncePerRequestFilter
                  extended by org.apache.shiro.web.servlet.AdviceFilter
                      extended by org.tynamo.security.shiro.AccessControlFilter
                          extended by org.tynamo.security.shiro.authz.AuthorizationFilter
                              extended by org.tynamo.security.shiro.authz.RolesAuthorizationFilter
All Implemented Interfaces:
javax.servlet.Filter, org.apache.shiro.util.Nameable
public class RolesAuthorizationFilter
extends AuthorizationFilter

Filter that allows access if the current user has the roles specified by the mapped value, or denies access if the user does not have all of the roles specified.

Since:
0.4.0

Field Summary
 
Fields inherited from class org.tynamo.security.shiro.AccessControlFilter
GET_METHOD, LOGIN_URL, pathMatcher, POST_METHOD, REDIRECT_TO_SAVED_URL, SUCCESS_URL, UNAUTHORIZED_URL
 
Fields inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter
ALREADY_FILTERED_SUFFIX
 
Fields inherited from class org.apache.shiro.web.servlet.AbstractFilter
filterConfig
 
Constructor Summary
RolesAuthorizationFilter(PageService pageService)
           
 
Method Summary
 boolean isAccessAllowed(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, Object mappedValue)
          Returns true if the request is allowed to proceed through the filter normally, or false if the request should be handled by the onAccessDenied(request,response,mappedValue) method instead.
 
Methods inherited from class org.tynamo.security.shiro.authz.AuthorizationFilter
getUnauthorizedUrl, onAccessDenied, setUnauthorizedUrl
 
Methods inherited from class org.tynamo.security.shiro.AccessControlFilter
addConfig, getLoginUrl, getPageService, getSubject, getSuccessUrl, isLoginRequest, isRedirectToSavedUrl, onAccessDenied, onPreHandle, preHandle, redirectToLogin, saveRequest, saveRequestAndRedirectToLogin, setConfig, setLoginUrl, setRedirectToSavedUrl, setSuccessUrl
 
Methods inherited from class org.apache.shiro.web.servlet.AdviceFilter
afterCompletion, cleanup, doFilterInternal, executeChain, postHandle
 
Methods inherited from class org.apache.shiro.web.servlet.OncePerRequestFilter
doFilter, getAlreadyFilteredAttributeName, isEnabled, isEnabled, setEnabled, shouldNotFilter
 
Methods inherited from class org.apache.shiro.web.servlet.NameableFilter
getName, setName, toStringBuilder
 
Methods inherited from class org.apache.shiro.web.servlet.AbstractFilter
destroy, getFilterConfig, getInitParam, init, onFilterConfigSet, setFilterConfig
 
Methods inherited from class org.apache.shiro.web.servlet.ServletContextSupport
getContextAttribute, getContextInitParam, getServletContext, removeContextAttribute, setContextAttribute, setServletContext, toString
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Constructor Detail

RolesAuthorizationFilter

public RolesAuthorizationFilter(PageService pageService)
Method Detail

isAccessAllowed

public boolean isAccessAllowed(javax.servlet.ServletRequest request,
                               javax.servlet.ServletResponse response,
                               Object mappedValue)
                        throws IOException
Description copied from class: AccessControlFilter
Returns true if the request is allowed to proceed through the filter normally, or false if the request should be handled by the onAccessDenied(request,response,mappedValue) method instead.

Specified by:
isAccessAllowed in class AccessControlFilter
Parameters:
request - the incoming ServletRequest
response - the outgoing ServletResponse
mappedValue - the filter-specific config value mapped to this filter in the URL rules mappings.
Returns:
true if the request should proceed through the filter normally, false if the request should be processed by this filter's AccessControlFilter.onAccessDenied(ServletRequest,ServletResponse,Object) method instead.
Throws:
IOException
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2004-2012. All Rights Reserved.