AuthorizationProvider (Daemon with Spring and CXF 2.3 API)

java.lang.Object
- de.taimos.springcxfdaemon.providers.AuthorizationProvider

All Implemented Interfaces:: javax.ws.rs.container.ContainerRequestFilter

@Provider
public abstract class AuthorizationProvider
extends Object
implements javax.ws.rs.container.ContainerRequestFilter

Author:: thoeger Copyright 2012, Cinovo AG

Constructor Summary

Constructors
Constructor and Description

AuthorizationProvider()

Constructors
Constructor and Description
`AuthorizationProvider()`

Method Summary

All Methods Static Methods Instance Methods Abstract Methods Concrete Methods
Modifier and Type	Method and Description
`protected void`	`abortUnauthorized(javax.ws.rs.container.ContainerRequestContext requestContext)`
`protected static org.apache.cxf.security.SecurityContext`	`createSC(String user, String... roles)` Create a `SecurityContext` to return to the provider
`void`	`filter(javax.ws.rs.container.ContainerRequestContext requestContext)`
`protected abstract org.apache.cxf.security.SecurityContext`	`handleAuthHeader(javax.ws.rs.container.ContainerRequestContext requestContext, org.apache.cxf.message.Message msg, String type, String auth)` handle the presence of the Authorization header
`protected abstract org.apache.cxf.security.SecurityContext`	`handleOther(javax.ws.rs.container.ContainerRequestContext requestContext, org.apache.cxf.message.Message msg, javax.ws.rs.core.HttpHeaders head)` handle other auth methods like sessions, custom headers, etc
`protected abstract boolean`	`isAuthorizationMandatory()`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail
- AuthorizationProvider
```
public AuthorizationProvider()
```

Method Detail

filter

public final void filter(javax.ws.rs.container.ContainerRequestContext requestContext)
                  throws IOException

Specified by:: filter in interface javax.ws.rs.container.ContainerRequestFilter
Throws:: IOException

abortUnauthorized

protected final void abortUnauthorized(javax.ws.rs.container.ContainerRequestContext requestContext)

isAuthorizationMandatory
```
protected abstract boolean isAuthorizationMandatory()
```
Returns:

true if the request should fail if no valid user is found

handleAuthHeader

protected abstract org.apache.cxf.security.SecurityContext handleAuthHeader(javax.ws.rs.container.ContainerRequestContext requestContext,
                                                                            org.apache.cxf.message.Message msg,
                                                                            String type,
                                                                            String auth)

handle the presence of the Authorization header

Parameters:: requestContext - the CXF request context; msg - the message; type - the Authorization type (Basic|Bearer|...); auth - the auth part of the header
Returns:: the SecurityContext if logged in or null

handleOther

protected abstract org.apache.cxf.security.SecurityContext handleOther(javax.ws.rs.container.ContainerRequestContext requestContext,
                                                                       org.apache.cxf.message.Message msg,
                                                                       javax.ws.rs.core.HttpHeaders head)

handle other auth methods like sessions, custom headers, etc

Parameters:: requestContext - the CXF request context; msg - the message; head - the HTTP headers
Returns:: the SecurityContext if logged in or null

createSC

protected static org.apache.cxf.security.SecurityContext createSC(String user,
                                                                  String... roles)

Create a SecurityContext to return to the provider

Parameters:: user - the user principal; roles - the roles of the user
Returns:: the SecurityContext

Class AuthorizationProvider

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

AuthorizationProvider

Method Detail

filter

abortUnauthorized

isAuthorizationMandatory

handleAuthHeader

handleOther

createSC