org.apache.cxf.interceptor.security
Class AbstractAuthorizingInInterceptor
java.lang.Object
org.apache.cxf.phase.AbstractPhaseInterceptor<org.apache.cxf.message.Message>
org.apache.cxf.interceptor.security.AbstractAuthorizingInInterceptor
- All Implemented Interfaces:
- org.apache.cxf.interceptor.Interceptor<org.apache.cxf.message.Message>, org.apache.cxf.phase.PhaseInterceptor<org.apache.cxf.message.Message>
- Direct Known Subclasses:
- SimpleAuthorizingInterceptor
public abstract class AbstractAuthorizingInInterceptor
- extends org.apache.cxf.phase.AbstractPhaseInterceptor<org.apache.cxf.message.Message>
| Methods inherited from class org.apache.cxf.phase.AbstractPhaseInterceptor |
addAfter, addAfter, addBefore, addBefore, getAdditionalInterceptors, getAfter, getBefore, getId, getPhase, handleFault, isGET, isRequestor, setAfter, setBefore |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
AbstractAuthorizingInInterceptor
public AbstractAuthorizingInInterceptor()
handleMessage
public void handleMessage(org.apache.cxf.message.Message message)
throws org.apache.cxf.interceptor.Fault
- Throws:
org.apache.cxf.interceptor.Fault
getTargetMethod
protected Method getTargetMethod(org.apache.cxf.message.Message m)
authorize
protected boolean authorize(org.apache.cxf.security.SecurityContext sc,
Method method)
isUserInRole
protected boolean isUserInRole(org.apache.cxf.security.SecurityContext sc,
List<String> roles,
boolean deny)
getExpectedRoles
protected abstract List<String> getExpectedRoles(Method method)
- Returns a list of expected roles for a given method.
- Parameters:
method - Method
- Returns:
- list, empty if no roles are available
getDenyRoles
protected List<String> getDenyRoles(Method method)
- Returns a list of roles to be denied for a given method.
- Parameters:
method - Method
- Returns:
- list, empty if no roles are available
Apache CXF