Class DefaultAuthorizationManager

java.lang.Object
io.undertow.servlet.core.DefaultAuthorizationManager
All Implemented Interfaces:
AuthorizationManager

public class DefaultAuthorizationManager extends Object implements AuthorizationManager
Default authorization manager that simply implements the rules as specified by the servlet spec
Author:
Stuart Douglas
  • Field Details

  • Method Details

    • isUserInRole

      public boolean isUserInRole(String role, io.undertow.security.idm.Account account, ServletInfo servletInfo, javax.servlet.http.HttpServletRequest request, Deployment deployment)
      Description copied from interface: AuthorizationManager
      Tests if a user is in a given role
      Specified by:
      isUserInRole in interface AuthorizationManager
      Parameters:
      role - The role name
      account - The user account
      servletInfo - The servlet info for the target servlet
      request - The servlet request
      deployment - The deployment
      Returns:
      true if the user is in the role
    • canAccessResource

      public boolean canAccessResource(List<SingleConstraintMatch> constraints, io.undertow.security.idm.Account account, ServletInfo servletInfo, javax.servlet.http.HttpServletRequest request, Deployment deployment)
      Description copied from interface: AuthorizationManager
      Tests if a user can access a given resource
      Specified by:
      canAccessResource in interface AuthorizationManager
      Parameters:
      constraints - The constraints
      account - The users account
      servletInfo - The servlet info for the target servlet
      request - The servlet request
      deployment - The deployment
      Returns:
      true if the user can access the resource
    • transportGuarantee

      public TransportGuaranteeType transportGuarantee(TransportGuaranteeType currentConnectionGuarantee, TransportGuaranteeType configuredRequiredGuarentee, javax.servlet.http.HttpServletRequest request)
      Description copied from interface: AuthorizationManager
      Determines the transport guarantee type
      Specified by:
      transportGuarantee in interface AuthorizationManager
      Parameters:
      currentConnectionGuarantee - The current connections transport guarantee type
      configuredRequiredGuarentee - The transport guarantee type specified in the deployment descriptor/annotations
      request - The request
      Returns:
      The transport guarantee type