Package org.chenile.security.interceptor

Class SecurityInterceptor

java.lang.Object
org.chenile.core.interceptors.BaseChenileInterceptor
org.chenile.security.interceptor.SecurityInterceptor
All Implemented Interfaces:
org.chenile.owiz.Command<org.chenile.core.context.ChenileExchange>
public class SecurityInterceptor extends org.chenile.core.interceptors.BaseChenileInterceptor
This interceptor uses SecurityConfig to secure this particular resource.It first looks at the SecurityConfig to see if there are any guarding authorities for this service. If there are none then this interceptor does nothing.
Next, it looks at the authorities of the signed-in user. It throws a 401 (UNAUTHORIZED) if the authorities don't exist for the current user. Now, it compares current authorities with the guarding authorities for this service. It lets the user in if even one of the guarding authorities exist for the current user. Else it throws a 403 (FORBIDDEN)
Finally, if the SecurityConfig says that the resource is UNPROTECTED, it does not do anything
Please see SecurityConfig for more details about the various annotation fields and how they are used

  • Field Details

  • Constructor Details

    • SecurityInterceptor

      public SecurityInterceptor()

  • Method Details

    • doPreProcessing

      protected void doPreProcessing(org.chenile.core.context.ChenileExchange exchange)
      Overrides:
      doPreProcessing in class org.chenile.core.interceptors.BaseChenileInterceptor

    • guardingAuthoritiesNotFoundInCurrentAuthorities

      private boolean guardingAuthoritiesNotFoundInCurrentAuthorities(String[] guardingAuthorities, Collection<org.springframework.security.core.GrantedAuthority> currentAuthorities)

    • getGuardingAuthorities

      private String[] getGuardingAuthorities(org.chenile.core.context.ChenileExchange exchange)

    • executeAuthoritiesSupplier

      private String[] executeAuthoritiesSupplier(Object obj, org.chenile.core.context.ChenileExchange exchange)
      Parameters:
      obj - The object
      exchange - the exchange
      Returns:
      the authorities if available

    • getAuthorities

      private Collection<org.springframework.security.core.GrantedAuthority> getAuthorities()

    • bypassInterception

      protected boolean bypassInterception(org.chenile.core.context.ChenileExchange exchange)
      This bypasses the logic only if the security config is configured to be unprotected or if the security config does not exist at all.
      Overrides:
      bypassInterception in class org.chenile.core.interceptors.BaseChenileInterceptor
      Parameters:
      exchange - the exchange
      Returns:
      true if the SecurityConfig is configured to be UNPROTECTED or if config is missing