Package net.ltgt.oidc.servlet

Class HasRoleFilter

java.lang.Object

jakarta.servlet.GenericFilter

jakarta.servlet.http.HttpFilter

net.ltgt.oidc.servlet.AbstractAuthorizationFilter

net.ltgt.oidc.servlet.HasRoleFilter

All Implemented Interfaces:

Filter, FilterConfig, Serializable

public class HasRoleFilter
extends AbstractAuthorizationFilter

Ensures the user has a given role.

This filter should be installed after the UserFilter as it relies on HttpServletRequest.isUserInRole(java.lang.String).

See Also:

• Serialized Form

Field Summary

Fields

Modifier and Type	Field	Description
static final String	ROLE	Name of the init parameter used to configure the expected user role.

Fields inherited from class net.ltgt.oidc.servlet.AbstractAuthorizationFilter

IS_PRIVATE_REQUEST_ATTRIBUTE_NAME

Constructor Summary

Constructors

Constructor	Description
HasRoleFilter()
HasRoleFilter(String role)	Constructs a filter that checks for the given role.
HasRoleFilter(AuthenticationRedirector authenticationRedirector)	Constructs a filter with the given authentication redirector.
HasRoleFilter(AuthenticationRedirector authenticationRedirector, String role)	Constructs a filter with the given authentication redirector and role.

Method Summary

Modifier and Type	Method	Description
void	init()
protected final boolean	isAuthorized(HttpServletRequest req)	Returns whether the user is authorized.

Methods inherited from class net.ltgt.oidc.servlet.AbstractAuthorizationFilter

configureAuthenticationRequest, doFilter, doRedirectToAuthenticationEndpoint, doSendUnauthorized, isCallbackServlet, redirectToAuthenticationEndpoint, sendForbidden, sendUnauthorized

Methods inherited from class jakarta.servlet.http.HttpFilter

doFilter

Methods inherited from class jakarta.servlet.GenericFilter

getFilterConfig, getFilterName, getInitParameter, getInitParameterNames, getServletContext, init

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface jakarta.servlet.Filter

destroy

Field Details

ROLE

public static final String ROLE

Name of the init parameter used to configure the expected user role.

See Also:

• Constant Field Values

Constructor Details

HasRoleFilter

public HasRoleFilter()

HasRoleFilter

public HasRoleFilter(String role)

Constructs a filter that checks for the given role.

When this constructor is used, the ROLE init parameter won't be read; the servlet context attribute will be read though.

HasRoleFilter

public HasRoleFilter(AuthenticationRedirector authenticationRedirector)

Constructs a filter with the given authentication redirector.

When this constructor is used, the servlet context attribute won't be read, though the role will be read from the ROLE init parameter.

HasRoleFilter

public HasRoleFilter(AuthenticationRedirector authenticationRedirector,
 String role)

Constructs a filter with the given authentication redirector and role.

When this constructor is used, the servlet context attribute and the ROLE init parameter won't be read.

Method Details

init

@OverridingMethodsMustInvokeSuper
public void init()
          throws ServletException

Overrides:

init in class AbstractAuthorizationFilter

Throws:

ServletException

isAuthorized

protected final boolean isAuthorized(HttpServletRequest req)

Description copied from class: AbstractAuthorizationFilter

Returns whether the user is authorized.

Implementations should only use the requests getUserPrincipal() and/or isUserInRole().

Specified by:

isAuthorized in class AbstractAuthorizationFilter