info.magnolia.cms.security
Class URISecurityFilter
java.lang.Object
info.magnolia.cms.filters.AbstractMgnlFilter
info.magnolia.cms.security.BaseSecurityFilter
info.magnolia.cms.security.URISecurityFilter
- All Implemented Interfaces:
- MgnlFilter, javax.servlet.Filter
public class URISecurityFilter
- extends BaseSecurityFilter
This Filter protects URI as defined by ROLE(s)/GROUP(s) ACL.
- Version:
- $Id$
Method Summary |
boolean |
isAllowed(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Checks access from Listener / Authenticator / AccessLock. |
protected boolean |
isAuthorized(AccessManager accessManager,
javax.servlet.http.HttpServletRequest request)
Deprecated. since 4.5 use isAuthorized(HttpServletRequest) instead. |
protected boolean |
isAuthorized(javax.servlet.http.HttpServletRequest request)
Validates user permissions on URI. |
Methods inherited from class info.magnolia.cms.filters.AbstractMgnlFilter |
acceptsEncoding, acceptsGzipEncoding, addAndVerifyHeader, addBypass, addMapping, bypasses, destroy, doFilter, getBypasses, getDispatching, getMapping, getMappings, getName, headerContains, init, isEnabled, mapsTo, matches, matchesDispatching, setDispatching, setEnabled, setName |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
URI_REPOSITORY
public static final String URI_REPOSITORY
- See Also:
- Constant Field Values
URI_WORKSPACE
public static final String URI_WORKSPACE
- See Also:
- Constant Field Values
URISecurityFilter
public URISecurityFilter()
isAllowed
public boolean isAllowed(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
throws IOException
- Checks access from Listener / Authenticator / AccessLock.
- Specified by:
isAllowed
in class BaseSecurityFilter
- Parameters:
request
- HttpServletRequest as received by the service methodresponse
- HttpServletResponse as received by the service method
- Returns:
- boolean
true
if access to the resource is allowed
- Throws:
IOException
- can be thrown when the servlet is unable to write to the response stream
isAuthorized
@Deprecated
protected boolean isAuthorized(AccessManager accessManager,
javax.servlet.http.HttpServletRequest request)
- Deprecated. since 4.5 use
isAuthorized(HttpServletRequest)
instead.
- Validates user permissions on URI.
isAuthorized
protected boolean isAuthorized(javax.servlet.http.HttpServletRequest request)
- Validates user permissions on URI.
Copyright © 2003–2014 Magnolia International Ltd.. All rights reserved.