Package org.apache.druid.server.security
Class PreResponseAuthorizationCheckFilter
java.lang.Object
org.apache.druid.server.security.PreResponseAuthorizationCheckFilter
- All Implemented Interfaces:
javax.servlet.Filter
Filter that verifies that authorization checks were applied to an HTTP request, before sending a response.
This filter is intended to help catch missing authorization checks arising from bugs/design omissions.
-
Constructor Summary
ConstructorsConstructorDescriptionPreResponseAuthorizationCheckFilter(List<Authenticator> authenticators, com.fasterxml.jackson.databind.ObjectMapper jsonMapper) -
Method Summary
Modifier and TypeMethodDescriptionvoiddestroy()voiddoFilter(javax.servlet.ServletRequest servletRequest, javax.servlet.ServletResponse servletResponse, javax.servlet.FilterChain filterChain) voidinit(javax.servlet.FilterConfig filterConfig) static voidsendJsonError(javax.servlet.http.HttpServletResponse resp, int error, String errorJson, OutputStream outputStream)
-
Constructor Details
-
PreResponseAuthorizationCheckFilter
public PreResponseAuthorizationCheckFilter(List<Authenticator> authenticators, com.fasterxml.jackson.databind.ObjectMapper jsonMapper)
-
-
Method Details
-
init
public void init(javax.servlet.FilterConfig filterConfig) - Specified by:
initin interfacejavax.servlet.Filter
-
doFilter
public void doFilter(javax.servlet.ServletRequest servletRequest, javax.servlet.ServletResponse servletResponse, javax.servlet.FilterChain filterChain) throws IOException, javax.servlet.ServletException - Specified by:
doFilterin interfacejavax.servlet.Filter- Throws:
IOExceptionjavax.servlet.ServletException
-
destroy
public void destroy()- Specified by:
destroyin interfacejavax.servlet.Filter
-
sendJsonError
public static void sendJsonError(javax.servlet.http.HttpServletResponse resp, int error, String errorJson, OutputStream outputStream)
-