Package org.chenile.security.interceptor
Class SecurityInterceptor
java.lang.Object
org.chenile.core.interceptors.BaseChenileInterceptor
org.chenile.security.interceptor.SecurityInterceptor
- All Implemented Interfaces:
org.chenile.owiz.Command<org.chenile.core.context.ChenileExchange>
public class SecurityInterceptor
extends org.chenile.core.interceptors.BaseChenileInterceptor
This interceptor uses
Next, it looks at the authorities of the signed-in user. It throws a 401 (UNAUTHORIZED) if the authorities don't exist for the current user. Now, it compares current authorities with the guarding authorities for this service. It lets the user in if even one of the guarding authorities exist for the current user. Else it throws a 403 (FORBIDDEN)
Finally, if the SecurityConfig says that the resource is UNPROTECTED, it does not do anything
Please see
SecurityConfig to secure this particular resource.It first looks at the
SecurityConfig to see if there are any guarding authorities for this service. If there are none then
this interceptor does nothing. Next, it looks at the authorities of the signed-in user. It throws a 401 (UNAUTHORIZED) if the authorities don't exist for the current user. Now, it compares current authorities with the guarding authorities for this service. It lets the user in if even one of the guarding authorities exist for the current user. Else it throws a 403 (FORBIDDEN)
Finally, if the SecurityConfig says that the resource is UNPROTECTED, it does not do anything
Please see
SecurityConfig for more details about the various annotation fields and how they are used-
Field Summary
FieldsModifier and TypeFieldDescriptionprivate static final org.slf4j.Logger(package private) SecurityService -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected booleanbypassInterception(org.chenile.core.context.ChenileExchange exchange) This bypasses the logic only if the security config is configured to be unprotected or if the security config does not exist at all.
Also, we will only enforce it in the HTTP end point.protected voiddoPreProcessing(org.chenile.core.context.ChenileExchange exchange) Methods inherited from class org.chenile.core.interceptors.BaseChenileInterceptor
doContinue, doPostProcessing, execute, getExtensionByAnnotation, getExtensionByAnnotation, resumeFromSavedPoint, savePoint
-
Field Details
-
logger
private static final org.slf4j.Logger logger -
securityService
-
-
Constructor Details
-
SecurityInterceptor
public SecurityInterceptor()
-
-
Method Details
-
doPreProcessing
protected void doPreProcessing(org.chenile.core.context.ChenileExchange exchange) - Overrides:
doPreProcessingin classorg.chenile.core.interceptors.BaseChenileInterceptor
-
bypassInterception
protected boolean bypassInterception(org.chenile.core.context.ChenileExchange exchange) This bypasses the logic only if the security config is configured to be unprotected or if the security config does not exist at all.
Also, we will only enforce it in the HTTP end point. We assume that all the other end points are secured- Overrides:
bypassInterceptionin classorg.chenile.core.interceptors.BaseChenileInterceptor- Parameters:
exchange- the exchange- Returns:
- true if the SecurityConfig is configured to be UNPROTECTED or if config is missing
-