|
|||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.springframework.web.servlet.handler.HandlerInterceptorAdapter org.springframework.web.servlet.handler.UserRoleAuthorizationInterceptor
Interceptor that checks the authorization of the current user via the user's roles, as evaluated by HttpServletRequest's isUserInRole method.
HttpServletRequest.isUserInRole(java.lang.String)
Constructor Summary | |
UserRoleAuthorizationInterceptor()
|
Method Summary | |
protected void |
handleNotAuthorized(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
java.lang.Object handler)
Handle a request that is not authorized according to this interceptor. |
boolean |
preHandle(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
java.lang.Object handler)
This implementation always returns true. |
void |
setAuthorizedRoles(java.lang.String[] authorizedRoles)
Set the roles that this interceptor should treat as authorized. |
Methods inherited from class org.springframework.web.servlet.handler.HandlerInterceptorAdapter |
afterCompletion, postHandle |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
public UserRoleAuthorizationInterceptor()
Method Detail |
public final void setAuthorizedRoles(java.lang.String[] authorizedRoles)
authorizedRoles
- array of role namespublic final boolean preHandle(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.lang.Object handler) throws javax.servlet.ServletException, java.io.IOException
HandlerInterceptorAdapter
preHandle
in interface HandlerInterceptor
preHandle
in class HandlerInterceptorAdapter
javax.servlet.ServletException
java.io.IOException
protected void handleNotAuthorized(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.lang.Object handler) throws javax.servlet.ServletException, java.io.IOException
This method can be overridden to write a custom message, forward or redirect to some error page or login page, or throw a ServletException.
request
- current HTTP requestresponse
- current HTTP responsehandler
- chosen handler to execute, for type and/or instance evaluation
javax.servlet.ServletException
- if there is an internal error
java.io.IOException
- in case of an I/O error when writing the response
|
|||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |