public class UserRoleAuthorizationInterceptor extends HandlerInterceptorAdapter
javax.servlet.http.HttpServletRequest#isUserInRole
Modifier and Type | Field and Description |
---|---|
private java.lang.String[] |
authorizedRoles |
Constructor and Description |
---|
UserRoleAuthorizationInterceptor() |
Modifier and Type | Method and Description |
---|---|
protected void |
handleNotAuthorized(HttpServletRequest request,
HttpServletResponse response,
java.lang.Object handler)
Handle a request that is not authorized according to this interceptor.
|
boolean |
preHandle(HttpServletRequest request,
HttpServletResponse response,
java.lang.Object handler)
This implementation always returns
true . |
void |
setAuthorizedRoles(java.lang.String... authorizedRoles)
Set the roles that this interceptor should treat as authorized.
|
afterCompletion, afterConcurrentHandlingStarted, postHandle
public final void setAuthorizedRoles(java.lang.String... authorizedRoles)
authorizedRoles
- array of role namespublic final boolean preHandle(HttpServletRequest request, HttpServletResponse response, java.lang.Object handler) throws ServletException, java.io.IOException
HandlerInterceptorAdapter
true
.preHandle
in interface HandlerInterceptor
preHandle
in class HandlerInterceptorAdapter
request
- current HTTP requestresponse
- current HTTP responsehandler
- chosen handler to execute, for type and/or instance evaluationtrue
if the execution chain should proceed with the
next interceptor or the handler itself. Else, DispatcherServlet assumes
that this interceptor has already dealt with the response itself.ServletException
java.io.IOException
protected void handleNotAuthorized(HttpServletRequest request, HttpServletResponse response, java.lang.Object handler) throws ServletException, java.io.IOException
This method can be overridden to write a custom message, forward or redirect to some error page or login page, or throw a ServletException.
request
- current HTTP requestresponse
- current HTTP responsehandler
- chosen handler to execute, for type and/or instance evaluationjavax.servlet.ServletException
- if there is an internal errorjava.io.IOException
- in case of an I/O error when writing the responseServletException