|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object info.magnolia.cms.filters.AbstractMgnlFilter info.magnolia.cms.security.BaseSecurityFilter
public abstract class BaseSecurityFilter
Provides basic infrastructure for filters which check if a request is authorized.
Constructor Summary | |
---|---|
BaseSecurityFilter()
|
Method Summary | |
---|---|
protected void |
doAuthenticate(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Deprecated. since 4.5, should not be needed, and does nothing. |
void |
doFilter(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
javax.servlet.FilterChain chain)
Continue with the Magnolia defined filter chain if isAllowed(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) returns true. |
protected abstract boolean |
isAllowed(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Implementations need to return false if the request can not be proceeded with, but also need to set an appropriate error code. |
Methods inherited from class info.magnolia.cms.filters.AbstractMgnlFilter |
---|
acceptsEncoding, acceptsGzipEncoding, addAndVerifyHeader, addBypass, addMapping, bypasses, destroy, doFilter, getBypasses, getDispatching, getMapping, getMappings, getName, headerContains, init, isEnabled, mapsTo, matches, matchesDispatching, setDispatching, setEnabled, setName |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public BaseSecurityFilter()
Method Detail |
---|
public void doFilter(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain chain) throws IOException, javax.servlet.ServletException
isAllowed(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
returns true. Else subclasses
should set the appropriate http response code 401 (or 403).
doFilter
in class AbstractMgnlFilter
IOException
javax.servlet.ServletException
protected abstract boolean isAllowed(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws IOException
IOException
protected void doAuthenticate(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |