Apache CXF API

org.apache.cxf.interceptor.security
Class SimpleAuthorizingInterceptor

java.lang.Object
  extended by org.apache.cxf.phase.AbstractPhaseInterceptor<Message>
      extended by org.apache.cxf.interceptor.security.AbstractAuthorizingInInterceptor
          extended by org.apache.cxf.interceptor.security.SimpleAuthorizingInterceptor
All Implemented Interfaces:
Interceptor<Message>, PhaseInterceptor<Message>
Direct Known Subclasses:
OperationInfoAuthorizingInterceptor, SecureAnnotationsInterceptor

public class SimpleAuthorizingInterceptor
extends AbstractAuthorizingInInterceptor


Field Summary
protected  List<String> globalRoles
           
protected  Map<String,List<String>> methodRolesMap
           
protected  Map<String,List<String>> userRolesMap
           
 
Constructor Summary
SimpleAuthorizingInterceptor()
           
 
Method Summary
protected  String createMethodSig(Method method)
           
protected  List<String> getExpectedRoles(Method method)
          Returns a list of expected roles for a given method.
protected  boolean isUserInRole(SecurityContext sc, List<String> roles, boolean deny)
           
 void setCheckConfiguredRolesOnly(boolean checkConfiguredRolesOnly)
           
 void setGlobalRoles(String roles)
           
 void setMethodRolesMap(Map<String,String> rolesMap)
           
 void setUserRolesMap(Map<String,String> rolesMap)
           
 
Methods inherited from class org.apache.cxf.interceptor.security.AbstractAuthorizingInInterceptor
authorize, getDenyRoles, getTargetMethod, handleMessage
 
Methods inherited from class org.apache.cxf.phase.AbstractPhaseInterceptor
addAfter, addAfter, addBefore, addBefore, getAdditionalInterceptors, getAfter, getBefore, getId, getPhase, handleFault, isGET, isRequestor, setAfter, setBefore
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

methodRolesMap

protected Map<String,List<String>> methodRolesMap

userRolesMap

protected Map<String,List<String>> userRolesMap

globalRoles

protected List<String> globalRoles
Constructor Detail

SimpleAuthorizingInterceptor

public SimpleAuthorizingInterceptor()
Method Detail

isUserInRole

protected boolean isUserInRole(SecurityContext sc,
                               List<String> roles,
                               boolean deny)
Overrides:
isUserInRole in class AbstractAuthorizingInInterceptor

createMethodSig

protected String createMethodSig(Method method)

getExpectedRoles

protected List<String> getExpectedRoles(Method method)
Description copied from class: AbstractAuthorizingInInterceptor
Returns a list of expected roles for a given method.

Specified by:
getExpectedRoles in class AbstractAuthorizingInInterceptor
Parameters:
method - Method
Returns:
list, empty if no roles are available

setMethodRolesMap

public void setMethodRolesMap(Map<String,String> rolesMap)

setUserRolesMap

public void setUserRolesMap(Map<String,String> rolesMap)

setGlobalRoles

public void setGlobalRoles(String roles)

setCheckConfiguredRolesOnly

public void setCheckConfiguredRolesOnly(boolean checkConfiguredRolesOnly)

Apache CXF API

Apache CXF