URISecurityFilter (magnolia-project 4.4.6 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

info.magnolia.cms.security
Class URISecurityFilter

java.lang.Object
  info.magnolia.cms.filters.AbstractMgnlFilter
      info.magnolia.cms.security.BaseSecurityFilter
          info.magnolia.cms.security.URISecurityFilter

All Implemented Interfaces:: MgnlFilter, javax.servlet.Filter

public class URISecurityFilter
extends BaseSecurityFilter
extends BaseSecurityFilter

This Filter protects URI as defined by ROLE(s)/GROUP(s) ACL.

Author:: Sameer Charles

Field Summary
`static String`	`URI_REPOSITORY`
`static String`	`URI_WORKSPACE`

Constructor Summary
`URISecurityFilter()`

Method Summary
`boolean`	`isAllowed(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)` Checks access from Listener / Authenticator / AccessLock.
`protected boolean`	`isAuthorized(AccessManager accessManager, javax.servlet.http.HttpServletRequest request)` Validates user permissions on URI.

Methods inherited from class info.magnolia.cms.security.BaseSecurityFilter
`doAuthenticate, doFilter, getClientCallback, setClientCallback`

Methods inherited from class info.magnolia.cms.filters.AbstractMgnlFilter
`acceptsEncoding, acceptsGzipEncoding, addAndVerifyHeader, addBypass, addMapping, bypasses, destroy, doFilter, getBypasses, getDispatching, getMapping, getMappings, getName, headerContains, init, isEnabled, mapsTo, matches, matchesDispatching, setDispatching, setEnabled, setName`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

URI_REPOSITORY

public static final String URI_REPOSITORY

See Also:: Constant Field Values

URI_WORKSPACE

public static final String URI_WORKSPACE

See Also:: Constant Field Values

Constructor Detail

URISecurityFilter

public URISecurityFilter()

Method Detail

isAllowed

public boolean isAllowed(javax.servlet.http.HttpServletRequest request,
                         javax.servlet.http.HttpServletResponse response)
                  throws IOException

Checks access from Listener / Authenticator / AccessLock.

Specified by:: isAllowed in class BaseSecurityFilter

Parameters:: request - HttpServletRequest as received by the service method; response - HttpServletResponse as received by the service method
Returns:: boolean true if access to the resource is allowed
Throws:: IOException - can be thrown when the servlet is unable to write to the response stream

isAuthorized

protected boolean isAuthorized(AccessManager accessManager,
                               javax.servlet.http.HttpServletRequest request)

Validates user permissions on URI.