Package io.undertow.servlet.core
Class DefaultAuthorizationManager
java.lang.Object
io.undertow.servlet.core.DefaultAuthorizationManager
- All Implemented Interfaces:
AuthorizationManager
Default authorization manager that simply implements the rules as specified by the servlet spec
- Author:
- Stuart Douglas
-
Field Summary
Fields -
Method Summary
Modifier and TypeMethodDescriptionboolean
canAccessResource
(List<SingleConstraintMatch> constraints, io.undertow.security.idm.Account account, ServletInfo servletInfo, javax.servlet.http.HttpServletRequest request, Deployment deployment) Tests if a user can access a given resourceboolean
isUserInRole
(String role, io.undertow.security.idm.Account account, ServletInfo servletInfo, javax.servlet.http.HttpServletRequest request, Deployment deployment) Tests if a user is in a given roletransportGuarantee
(TransportGuaranteeType currentConnectionGuarantee, TransportGuaranteeType configuredRequiredGuarentee, javax.servlet.http.HttpServletRequest request) Determines the transport guarantee type
-
Field Details
-
INSTANCE
-
-
Method Details
-
isUserInRole
public boolean isUserInRole(String role, io.undertow.security.idm.Account account, ServletInfo servletInfo, javax.servlet.http.HttpServletRequest request, Deployment deployment) Description copied from interface:AuthorizationManager
Tests if a user is in a given role- Specified by:
isUserInRole
in interfaceAuthorizationManager
- Parameters:
role
- The role nameaccount
- The user accountservletInfo
- The servlet info for the target servletrequest
- The servlet requestdeployment
- The deployment- Returns:
- true if the user is in the role
-
canAccessResource
public boolean canAccessResource(List<SingleConstraintMatch> constraints, io.undertow.security.idm.Account account, ServletInfo servletInfo, javax.servlet.http.HttpServletRequest request, Deployment deployment) Description copied from interface:AuthorizationManager
Tests if a user can access a given resource- Specified by:
canAccessResource
in interfaceAuthorizationManager
- Parameters:
constraints
- The constraintsaccount
- The users accountservletInfo
- The servlet info for the target servletrequest
- The servlet requestdeployment
- The deployment- Returns:
- true if the user can access the resource
-
transportGuarantee
public TransportGuaranteeType transportGuarantee(TransportGuaranteeType currentConnectionGuarantee, TransportGuaranteeType configuredRequiredGuarentee, javax.servlet.http.HttpServletRequest request) Description copied from interface:AuthorizationManager
Determines the transport guarantee type- Specified by:
transportGuarantee
in interfaceAuthorizationManager
- Parameters:
currentConnectionGuarantee
- The current connections transport guarantee typeconfiguredRequiredGuarentee
- The transport guarantee type specified in the deployment descriptor/annotationsrequest
- The request- Returns:
- The transport guarantee type
-