|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.springframework.web.servlet.handler.HandlerInterceptorAdapter org.springframework.web.servlet.handler.UserRoleAuthorizationInterceptor
public class UserRoleAuthorizationInterceptor
Interceptor that checks the authorization of the current user via the user's roles, as evaluated by HttpServletRequest's isUserInRole method.
HttpServletRequest.isUserInRole(java.lang.String)
Constructor Summary | |
---|---|
UserRoleAuthorizationInterceptor()
|
Method Summary | |
---|---|
protected void |
handleNotAuthorized(HttpServletRequest request,
HttpServletResponse response,
Object handler)
Handle a request that is not authorized according to this interceptor. |
boolean |
preHandle(HttpServletRequest request,
HttpServletResponse response,
Object handler)
This implementation always returns true . |
void |
setAuthorizedRoles(String[] authorizedRoles)
Set the roles that this interceptor should treat as authorized. |
Methods inherited from class org.springframework.web.servlet.handler.HandlerInterceptorAdapter |
---|
afterCompletion, postHandle |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public UserRoleAuthorizationInterceptor()
Method Detail |
---|
public final void setAuthorizedRoles(String[] authorizedRoles)
authorizedRoles
- array of role namespublic final boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws ServletException, IOException
HandlerInterceptorAdapter
true
.
preHandle
in interface HandlerInterceptor
preHandle
in class HandlerInterceptorAdapter
request
- current HTTP requestresponse
- current HTTP responsehandler
- chosen handler to execute, for type and/or instance evaluation
true
if the execution chain should proceed with the
next interceptor or the handler itself. Else, DispatcherServlet assumes
that this interceptor has already dealt with the response itself.
ServletException
IOException
protected void handleNotAuthorized(HttpServletRequest request, HttpServletResponse response, Object handler) throws ServletException, IOException
This method can be overridden to write a custom message, forward or redirect to some error page or login page, or throw a ServletException.
request
- current HTTP requestresponse
- current HTTP responsehandler
- chosen handler to execute, for type and/or instance evaluation
ServletException
- if there is an internal error
IOException
- in case of an I/O error when writing the response
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |