Class ACLFilter
java.lang.Object
javax.servlet.GenericFilter
javax.servlet.http.HttpFilter
org.dogtagpki.server.rest.v2.filters.ACLFilter
- All Implemented Interfaces:
Serializable
,javax.servlet.Filter
,javax.servlet.FilterConfig
- Direct Known Subclasses:
AccountACL
,AuditACL
,GroupACL
,SecurityDomainACL
,SelfTestACL
,UserACL
public abstract class ACLFilter
extends javax.servlet.http.HttpFilter
Basic ACL filter for REST APIs
Subclasses can associate ACL to servlet, URLPatterns or specific endpoints. The :
The method is one of the HTTP method as defined in Java servlet request (e.g. GET, POST, etc.).
The path is the endpoint in the associated servlet where the ACL has to be applied. If there is a REST path param this can be indicated
with the sequence "{}".
Example of ACL a servlet handking token could be:
default acl: token.read
ACLMap:
key= POST:token value=token.add
key= PUT:token/{} value=token.modify
key= DELETE:token/{} value=token.delete
setAcl(String)
method will assign a
default ACL to use for all the associated entities (servlet or pattern). To provide a finer grained ACL it is possible to specify
a map with the method setAclMap(Map)
. The map value is the ACL to use while the key is the endpoint where
the ACL has to be applied. The key formal is:
key= - Author:
- Marco Fargetta <mfargett@redhat.com>, Endi S. Dewata
- See Also:
-
Field Summary
Fields -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected void
void
doFilter
(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain) void
void
Methods inherited from class javax.servlet.http.HttpFilter
doFilter
Methods inherited from class javax.servlet.GenericFilter
getFilterConfig, getFilterName, getInitParameter, getInitParameterNames, getServletContext, init, init
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface javax.servlet.Filter
destroy
-
Field Details
-
logger
public static final org.slf4j.Logger logger
-
-
Constructor Details
-
ACLFilter
public ACLFilter()
-
-
Method Details
-
doFilter
public void doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain) throws IOException, javax.servlet.ServletException - Specified by:
doFilter
in interfacejavax.servlet.Filter
- Overrides:
doFilter
in classjavax.servlet.http.HttpFilter
- Throws:
IOException
javax.servlet.ServletException
-
checkACL
protected void checkACL(javax.servlet.http.HttpServletRequest request, String aclName) throws ForbiddenException - Throws:
ForbiddenException
-
setAcl
-
setAclMap
-