org.norther.tammi.spray.filter
Interface SecureFilter

All Superinterfaces:

AccessController, Filter

All Known Subinterfaces:

BranchFilter<F>, FlowFilter, FormFilter, HostFilter<F>, LayoutFilter, LinkFilter<F>, PageFilter, PipeFilter<F>, SecureContainerFilter<V>, SecureContainerKeyFilter<V>, SecureKeyFilter, ServiceFilter<F>, TaskFilter, UploadFilter

All Known Implementing Classes:

DefaultBranchFilter, DefaultFlowFilter, DefaultFormFilter, DefaultHostFilter, DefaultLayoutFilter, DefaultLinkFilter, DefaultPageFilter, DefaultPipeFilter, DefaultSecureContainerFilter, DefaultSecureContainerKeyFilter, DefaultSecureFilter, DefaultSecureKeyFilter, DefaultServiceFilter, DefaultTaskFilter, DefaultUploadFilter

public interface SecureFilter
extends AccessController, Filter

SecureFilter extends Filter by protecting the filter with an access controller.

Version:

$Id: SecureFilter.java,v 1.13 2010-05-05 10:33:50 cvsimp Exp $

Author:

Ilkka Priha

Method Summary

boolean

checkPermission(Permission permission, ServletRequest request, ServletResponse response, FilterChain chain) Checks whether or not the specified request has the specified permission.

Methods inherited from interface org.norther.tammi.core.security.AccessController

addAllowedPermission, addDeniedPermission, allowedPermissions, allowedRoleSet, checkPermission, clearAllowedPermissions, clearDeniedPermissions, deniedPermissions, deniedRoleSet, getPermissibleRoles, isProtected, removeAllowedPermissions, removeDeniedPermissions, setAllowedPermissions, setDeniedPermissions

Methods inherited from interface javax.servlet.Filter

destroy, doFilter, init

Method Detail

checkPermission

boolean checkPermission(Permission permission,
                        ServletRequest request,
                        ServletResponse response,
                        FilterChain chain)

Checks whether or not the specified request has the specified permission. If it does, true is returned, otherwise false is returned. More specifically, this method checks whether the passed permission is implied by the allowed permissions, not implied by the denied permissions and the principal of the request has an appropriate role mapped to the corresponding permission.

If the access controller is not protected by any permissions, true is returned.

Parameters:

permission - the permission to be checked for.

request - the authenticated request.

response - the corresponding response.

chain - the active filter chain.

Returns:

true if the request has the permission, false otherwise.

Throws:

SecurityException - if the access control list is invalid.