Interface AuthorizationManager

All Known Implementing Classes:
DefaultAuthorizationManager

public interface AuthorizationManager
Authorization manager. The servlet implementation delegates all authorization checks to this interface.
Author:
Stuart Douglas
  • Method Details

    • isUserInRole

      boolean isUserInRole(String roleName, io.undertow.security.idm.Account account, ServletInfo servletInfo, javax.servlet.http.HttpServletRequest request, Deployment deployment)
      Tests if a user is in a given role
      Parameters:
      roleName - The role name
      account - The user account
      servletInfo - The servlet info for the target servlet
      request - The servlet request
      deployment - The deployment
      Returns:
      true if the user is in the role
    • canAccessResource

      boolean canAccessResource(List<SingleConstraintMatch> mappedConstraints, io.undertow.security.idm.Account account, ServletInfo servletInfo, javax.servlet.http.HttpServletRequest request, Deployment deployment)
      Tests if a user can access a given resource
      Parameters:
      mappedConstraints - The constraints
      account - The users account
      servletInfo - The servlet info for the target servlet
      request - The servlet request
      deployment - The deployment
      Returns:
      true if the user can access the resource
    • transportGuarantee

      TransportGuaranteeType transportGuarantee(TransportGuaranteeType currentConnectionGuarantee, TransportGuaranteeType configuredRequiredGuarantee, javax.servlet.http.HttpServletRequest request)
      Determines the transport guarantee type
      Parameters:
      currentConnectionGuarantee - The current connections transport guarantee type
      configuredRequiredGuarantee - The transport guarantee type specified in the deployment descriptor/annotations
      request - The request
      Returns:
      The transport guarantee type