|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectjp.terasoluna.fw.web.thin.AbstractControlFilter<AuthorizationController>
jp.terasoluna.fw.web.thin.AuthorizationControlFilter
public class AuthorizationControlFilter
Performs access authority check.
This class calls any AuthorizationController
instance which is specified in Bean definition file and transfers the access authority check of the specified path. The AuthorizationController instance
performs the filter process of the request received from browser.
Checks if there is access authority for the specified path.
When there is access authority violation, UnauthorizedException
is thrown.
To use this function, perform the following settings in deployment descriptor (web.xml) and Bean definition file.
"Id" attribute which is defined in Bean definition file should be set as sampleAuthorizationController. In the "class" attribute of <bean> element, set the class that implementes the AuthorizationController
interface.
<filter>
<filter-name>
authorizationControlFilter
</filter-name>
<filter-class>
jp.terasoluna.fw.web.thin.AuthorizationControlFilter
</filter-class>
<init-param>
<param-name>controller</param-name>
<param-value>
"sampleAuthorizationController"
</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>authorizationControlFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<error-page>
<exception-type>
jp.terasoluna.fw.web.thin.UnauthorizedException
</exception-type>
<location>/unauthorizedError.jsp</location>
</error-page>
Bean definition file
<bean id="sampleAuthorizationController"
class="jp.terasoluna...SampleAuthorizationController" />
At the time of setting the "id" attribute of <bean> element which is defined in Bean definition file,
in the "authorizationController" which is the default value, <init-param> element can be omitted
from the <filter> element in deployment descriptor (web.xml).
AuthorizationController
,
BlockageControlFilter
,
BlockageController
,
ServerBlockageControlFilter
,
ServerBlockageController
Field Summary | |
---|---|
private static java.lang.Class |
AUTHORIZATION_CONTROLLER_CLASS
Controller class that transfers the access authority check process. |
private static java.lang.String |
AUTHORIZATION_CONTROLLER_ERROR
Error code indicating the failure in generating the authorization controller. |
static java.lang.String |
AUTHORIZATION_THRU_KEY
Key of "request" attribute which indicates that the request has passed through the filter. |
protected static AuthorizationController |
controller
AuthorizationController instance. |
static java.lang.String |
DEFAULT_AUTHORIZATION_BEAN_ID
Default id which is used in "Id" attribute of <bean> element to fetch the implementation class of controller from DI container. |
private static org.apache.commons.logging.Log |
log
Log class. |
Fields inherited from class jp.terasoluna.fw.web.thin.AbstractControlFilter |
---|
config |
Constructor Summary | |
---|---|
AuthorizationControlFilter()
|
Method Summary | |
---|---|
void |
doFilter(javax.servlet.ServletRequest req,
javax.servlet.ServletResponse res,
javax.servlet.FilterChain chain)
Performs access authority check. |
static AuthorizationController |
getAuthorizationController()
Returns AuthorizationController instance. |
protected java.lang.Class |
getControllerClass()
Returns the interface which should be implemented by the class that performs access control. |
java.lang.String |
getDefaultControllerBeanId()
Returns default id at the time of fetching the controller from DI container. |
protected java.lang.String |
getErrorCode()
Returns error code that indicates the failure in generating the controller. |
void |
init(javax.servlet.FilterConfig config)
This method is called by the container when the filter changes to Service start state. After creating an instance of the filter, container calls init method only once. In order to request the Filter to execute the filter process, init method should finish normally. Container cannot change the Filter to service state when the init method is any of the following. ServletException is thrown, It does not get recovered within the time defined by container, The implementation class of the controller does not exist or the settings are abnormal. |
Methods inherited from class jp.terasoluna.fw.web.thin.AbstractControlFilter |
---|
destroy, getController, setConfig |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static final java.lang.String AUTHORIZATION_THRU_KEY
public static final java.lang.String DEFAULT_AUTHORIZATION_BEAN_ID
private static final java.lang.String AUTHORIZATION_CONTROLLER_ERROR
private static final java.lang.Class AUTHORIZATION_CONTROLLER_CLASS
private static org.apache.commons.logging.Log log
protected static AuthorizationController controller
Constructor Detail |
---|
public AuthorizationControlFilter()
Method Detail |
---|
public static AuthorizationController getAuthorizationController()
public void init(javax.servlet.FilterConfig config) throws javax.servlet.ServletException
init
in interface javax.servlet.Filter
init
in class AbstractControlFilter<AuthorizationController>
config
- FilterConfig instance.
javax.servlet.ServletException
- Exception which is thrown at the time of abnormal initialization.Filter.init(javax.servlet.FilterConfig)
,
AbstractControlFilter
public void doFilter(javax.servlet.ServletRequest req, javax.servlet.ServletResponse res, javax.servlet.FilterChain chain) throws java.io.IOException, javax.servlet.ServletException
doFilter
in interface javax.servlet.Filter
doFilter
in class AbstractControlFilter<AuthorizationController>
req
- HTTP requestres
- HTTP responsechain
- Filter chain
java.io.IOException
- I/O error
javax.servlet.ServletException
- Servlet exceptionFilter.doFilter(javax.servlet.ServletRequest,
javax.servlet.ServletResponse,
javax.servlet.FilterChain)
protected java.lang.Class getControllerClass()
getControllerClass
in class AbstractControlFilter<AuthorizationController>
protected java.lang.String getErrorCode()
getErrorCode
in class AbstractControlFilter<AuthorizationController>
public java.lang.String getDefaultControllerBeanId()
getDefaultControllerBeanId
in class AbstractControlFilter<AuthorizationController>
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |