UserRoleAuthorizationInterceptor (Spring Framework API 2.5)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.springframework.web.portlet.handler
Class UserRoleAuthorizationInterceptor

java.lang.Object
  org.springframework.web.portlet.handler.HandlerInterceptorAdapter
      org.springframework.web.portlet.handler.UserRoleAuthorizationInterceptor

All Implemented Interfaces:: HandlerInterceptor

public class UserRoleAuthorizationInterceptor
extends HandlerInterceptorAdapter
extends HandlerInterceptorAdapter

Interceptor that checks the authorization of the current user via the user's roles, as evaluated by PortletRequest's isUserInRole method.

Since:: 2.0
Author:: John A. Lewis, Juergen Hoeller
See Also:: PortletRequest.isUserInRole(java.lang.String)

Constructor Summary
`UserRoleAuthorizationInterceptor()`

Method Summary
`protected void`	`handleNotAuthorized(javax.portlet.PortletRequest request, javax.portlet.PortletResponse response, Object handler)` Handle a request that is not authorized according to this interceptor.
`boolean`	`preHandle(javax.portlet.PortletRequest request, javax.portlet.PortletResponse response, Object handler)` Default callback that both `preHandleRender` and `preHandleAction` delegate to.
`void`	`setAuthorizedRoles(String[] authorizedRoles)` Set the roles that this interceptor should treat as authorized.

Methods inherited from class org.springframework.web.portlet.handler.HandlerInterceptorAdapter
`afterActionCompletion, afterCompletion, afterRenderCompletion, postHandleRender, preHandleAction, preHandleRender`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

UserRoleAuthorizationInterceptor

public UserRoleAuthorizationInterceptor()

Method Detail

setAuthorizedRoles

public final void setAuthorizedRoles(String[] authorizedRoles)

Set the roles that this interceptor should treat as authorized.

Parameters:: authorizedRoles - array of role names

preHandle

public final boolean preHandle(javax.portlet.PortletRequest request,
                               javax.portlet.PortletResponse response,
                               Object handler)
                        throws javax.portlet.PortletException,
                               IOException

Description copied from class: HandlerInterceptorAdapter

Default callback that both preHandleRender and preHandleAction delegate to.

This implementation always returns true.

Overrides:: preHandle in class HandlerInterceptorAdapter

Throws:: javax.portlet.PortletException; IOException
See Also:: HandlerInterceptorAdapter.preHandleRender(javax.portlet.RenderRequest, javax.portlet.RenderResponse, java.lang.Object), HandlerInterceptorAdapter.preHandleAction(javax.portlet.ActionRequest, javax.portlet.ActionResponse, java.lang.Object)

handleNotAuthorized

protected void handleNotAuthorized(javax.portlet.PortletRequest request,
                                   javax.portlet.PortletResponse response,
                                   Object handler)
                            throws javax.portlet.PortletException,
                                   IOException

Handle a request that is not authorized according to this interceptor. Default implementation throws a new PortletSecurityException.

This method can be overridden to write a custom message, forward or redirect to some error page or login page, or throw a PortletException.

Parameters:: request - current portlet request; response - current portlet response; handler - chosen handler to execute, for type and/or instance evaluation
Throws:: javax.portlet.PortletException - if there is an internal error; IOException - in case of an I/O error when writing the response