Class AuthMethodFilter

java.lang.Object
javax.servlet.GenericFilter
javax.servlet.http.HttpFilter
org.dogtagpki.server.rest.v2.filters.AuthMethodFilter
All Implemented Interfaces:
Serializable, javax.servlet.Filter, javax.servlet.FilterConfig
Direct Known Subclasses:
AccountAuthMethod, AuditAuthMethod, GroupAuthMethod, SecurityDomainAuthMethod, SelfTestAuthMethod, UserAuthMethod

public abstract class AuthMethodFilter extends javax.servlet.http.HttpFilter
Basic Authentication Method filter for REST APIs Subclasses can associate AuthMehtod to servlet, URLPatterns or specific endpoints. The setAuthMethod(String) method will assign a default AuthMehtod to use for all the associated entities (servlet or pattern). To provide a finer grained AuthMehtod it is possible to specify a map with the method setAuthMethodMap(Map). The map value is the ACL to use while the key is the endpoint where the ACL has to be applied. The key formal is: key= : The method is one of the HTTP method as defined in Java servlet request (e.g. GET, POST, etc.). The path is the endpoint in the associated servlet where the ACL has to be applied. If there is a REST path param this can be indicated with the sequence "{}". Example of ACL a servlet handking token could be: default authMethod: token.read authMethodMap: key= POST:token value=token.add key= PUT:token/{} value=token.modify key= DELETE:token/{} value=token.delete
Author:
Marco Fargetta <mfargett@redhat.com>, Endi S. Dewata
See Also:
  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final org.slf4j.Logger
     
  • Constructor Summary

    Constructors
    Constructor
    Description
     
  • Method Summary

    Modifier and Type
    Method
    Description
    protected void
    checkAuthenticationMethod(javax.servlet.http.HttpServletRequest request, String authMethName)
     
    void
    doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain)
     
    void
    setAuthMethod(String authMethod)
     
    void
     

    Methods inherited from class javax.servlet.http.HttpFilter

    doFilter

    Methods inherited from class javax.servlet.GenericFilter

    getFilterConfig, getFilterName, getInitParameter, getInitParameterNames, getServletContext, init, init

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    Methods inherited from interface javax.servlet.Filter

    destroy
  • Field Details

    • logger

      public static final org.slf4j.Logger logger
  • Constructor Details

    • AuthMethodFilter

      public AuthMethodFilter()
  • Method Details

    • doFilter

      public void doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain) throws IOException, javax.servlet.ServletException
      Specified by:
      doFilter in interface javax.servlet.Filter
      Overrides:
      doFilter in class javax.servlet.http.HttpFilter
      Throws:
      IOException
      javax.servlet.ServletException
    • checkAuthenticationMethod

      protected void checkAuthenticationMethod(javax.servlet.http.HttpServletRequest request, String authMethName) throws ForbiddenException
      Throws:
      ForbiddenException
    • setAuthMethod

      public void setAuthMethod(String authMethod)
    • setAuthMethodMap

      public void setAuthMethodMap(Map<String,String> authMethodMap)