com.sun.jersey.api.container.filter.servlet
Class RolesAllowedResourceFilterFactory
java.lang.Object
com.sun.jersey.api.container.filter.servlet.RolesAllowedResourceFilterFactory
- All Implemented Interfaces:
- ResourceFilterFactory
public class RolesAllowedResourceFilterFactory
- extends java.lang.Object
- implements ResourceFilterFactory
A ResourceFilterFactory supporting the RolesAllowed,
PermitAll and DenyAll on resource methods sub-resource methods,
and sub-resource locators.
The SecurityContext is utilized, using the
SecurityContext.isUserInRole(java.lang.String) method,
to ascertain if the user is in one
of the roles declared in by a RolesAllowed. If a user is in none of
the declared roles then a 403 (Forbidden) response is returned.
If the DenyAll annotation is declared then a 403 (Forbidden) response
is returned.
If the PermitAll annotation is declared and is not overridden then
this filter will not be applied.
When an application is deployed as a Servlet or Filter this Jersey resource
filter can be registered using the following initialization parameter:
<init-param>
<param-name>com.sun.jersey.spi.container.ResourceFilters</param-name>
<param-value>com.sun.jersey.api.container.filter.RolesAllowedResourceFilterFactory</param-value>
</init-param>
- Author:
- Paul.Sandoz@Sun.Com
- See Also:
com.sun.jersey.api.container.filter
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
RolesAllowedResourceFilterFactory
public RolesAllowedResourceFilterFactory()
create
public java.util.List<ResourceFilter> create(AbstractMethod am)
- Specified by:
create in interface ResourceFilterFactory
Copyright © 2017 Oracle Corporation. All Rights Reserved.