|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
public interface RoleChecker
This interface provides user role checks.
Because the Restlet API does not support its own mechanism for role checks
(as e.g. the Servlet API), you must use this inteface if you need role checks
in a JAX-RS application.
This interface is used to check, if a user is in a role. Implementations must
be thread save.
This interface is used by SecurityContext.isUserInRole(String)
. The
JAX-RS runtime delegates this method call along with the Principal
of
the HTTP request to method isInRole(Principal, String)
, the only
method of this interface.
If you need user access control, you must give an instance of this inteface
to the JaxRsApplication
. If you do not give an instance, every call
of SecurityContext.isUserInRole(String)
results in an Internal Server
Error (HTTP status 500), which will get returned to the client (see
REJECT_WITH_ERROR
).
To check if the user is authenticated, use any Restlet Guard
.
SecurityContext
Field Summary | |
---|---|
static RoleChecker |
ALLOW_ALL
Access control constant that gives all roles to all principals. |
static RoleChecker |
FORBID_ALL
Access control constant that doesn't give any role to any principal. |
static RoleChecker |
REJECT_WITH_ERROR
An RoleChecker that throws an WebApplicationExeption with status
500 (Internal Server Error) for every call on it. |
Method Summary | |
---|---|
boolean |
isInRole(java.security.Principal principal,
java.lang.String role)
Checks, if the user is in the given role, or false if not. This method is used by the SecurityContext . |
Field Detail |
---|
static final RoleChecker ALLOW_ALL
static final RoleChecker FORBID_ALL
static final RoleChecker REJECT_WITH_ERROR
RoleChecker
that throws an WebApplicationExeption with status
500 (Internal Server Error) for every call on it.
Method Detail |
---|
boolean isInRole(java.security.Principal principal, java.lang.String role) throws javax.ws.rs.WebApplicationException
SecurityContext
.
principal
- The principal to check.role
- the role.
javax.ws.rs.WebApplicationException
- The developer may handle exceptions by throw a
WebApplicationException
.SecurityContext.isUserInRole(String)
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |