Package org.keycloak.adapters.authorization.integration.jakarta

Class ServletPolicyEnforcerFilter

java.lang.Object
org.keycloak.adapters.authorization.integration.jakarta.ServletPolicyEnforcerFilter
All Implemented Interfaces:
jakarta.servlet.Filter, jakarta.servlet.ServletContextAttributeListener, EventListener
Direct Known Subclasses:
ElytronPolicyEnforcerFilter
public class ServletPolicyEnforcerFilter extends Object implements jakarta.servlet.Filter, jakarta.servlet.ServletContextAttributeListener
A Jakarta Servlet Filter acting as a policy enforcer. This filter does not enforce access for anonymous subjects.

For authenticated subjects, this filter delegates the access decision to the PolicyEnforcer and decide if the request should continue.

If access is not granted, this filter aborts the request and relies on the PolicyEnforcer to properly respond to client.
Author:
Pedro Igor

  • Constructor Summary

    Constructors
    Constructor
    Description
    ServletPolicyEnforcerFilter(ConfigurationResolver configResolver)
     

  • Method Summary

    Modifier and Type
    Method
    Description
    protected PolicyEnforcer
    createPolicyEnforcer(jakarta.servlet.http.HttpServletRequest servletRequest, org.keycloak.representations.adapters.config.PolicyEnforcerConfig enforcerConfig)
     
    void
    doFilter(jakarta.servlet.ServletRequest servletRequest, jakarta.servlet.ServletResponse servletResponse, jakarta.servlet.FilterChain filterChain)
     
    protected String
    extractBearerToken(jakarta.servlet.http.HttpServletRequest request)
     
    void
    init(jakarta.servlet.FilterConfig filterConfig)
     

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    Methods inherited from interface jakarta.servlet.Filter

    destroy

    Methods inherited from interface jakarta.servlet.ServletContextAttributeListener

    attributeAdded, attributeRemoved, attributeReplaced

  • Constructor Details

  • Method Details

    • init

      public void init(jakarta.servlet.FilterConfig filterConfig)
      Specified by:
      init in interface jakarta.servlet.Filter

    • doFilter

      public void doFilter(jakarta.servlet.ServletRequest servletRequest, jakarta.servlet.ServletResponse servletResponse, jakarta.servlet.FilterChain filterChain) throws IOException, jakarta.servlet.ServletException
      Specified by:
      doFilter in interface jakarta.servlet.Filter
      Throws:
      IOException
      jakarta.servlet.ServletException

    • extractBearerToken

      protected String extractBearerToken(jakarta.servlet.http.HttpServletRequest request)

    • createPolicyEnforcer

      protected PolicyEnforcer createPolicyEnforcer(jakarta.servlet.http.HttpServletRequest servletRequest, org.keycloak.representations.adapters.config.PolicyEnforcerConfig enforcerConfig)