public class LogServiceSessionAuthorizationFilter extends SessionAuthorizationFilterStrategy implements javax.servlet.Filter
Modifier and Type | Field and Description |
---|---|
protected static org.apache.commons.logging.Log |
logger |
Constructor and Description |
---|
LogServiceSessionAuthorizationFilter() |
Modifier and Type | Method and Description |
---|---|
protected void |
addAuthenticatedSubjectsToRequest(org.dataone.cn.servlet.http.ProxyServletRequestWrapper proxyRequest,
org.dataone.service.types.v1.Session session,
org.dataone.service.types.v1.Subject authorizedSubject)
Allows concrete implementations of SessionAuthorizationFilterStrategy to determine how/what authenticated
subjects are added to the request's parameter values - ParameterKeys.AUTHORIZED_SUBJECTS, as well as if public
user and authenticated user constants are provided.
|
protected String |
getServiceMethodName()
The service name to look up for additional admin users defined for the services service method restrictions.
|
protected void |
handleNoCertificateManagerSession(org.dataone.cn.servlet.http.ProxyServletRequestWrapper proxyRequest,
javax.servlet.ServletResponse response,
javax.servlet.FilterChain fc)
Allows concrete implementations of SessionAuthorizationFilterStrategy to determine what access (if any) to allow
requests that do have session information available from the dataONE CertificateManager.
|
destroy, doFilter, init
public LogServiceSessionAuthorizationFilter()
protected void addAuthenticatedSubjectsToRequest(org.dataone.cn.servlet.http.ProxyServletRequestWrapper proxyRequest, org.dataone.service.types.v1.Session session, org.dataone.service.types.v1.Subject authorizedSubject) throws org.dataone.service.exceptions.ServiceFailure, org.dataone.service.exceptions.NotAuthorized, org.dataone.service.exceptions.NotImplemented
SessionAuthorizationFilterStrategy
addAuthenticatedSubjectsToRequest
in class SessionAuthorizationFilterStrategy
org.dataone.service.exceptions.ServiceFailure
org.dataone.service.exceptions.NotAuthorized
org.dataone.service.exceptions.NotImplemented
protected void handleNoCertificateManagerSession(org.dataone.cn.servlet.http.ProxyServletRequestWrapper proxyRequest, javax.servlet.ServletResponse response, javax.servlet.FilterChain fc) throws javax.servlet.ServletException, IOException, org.dataone.service.exceptions.NotAuthorized
SessionAuthorizationFilterStrategy
handleNoCertificateManagerSession
in class SessionAuthorizationFilterStrategy
javax.servlet.ServletException
IOException
org.dataone.service.exceptions.NotAuthorized
protected String getServiceMethodName()
SessionAuthorizationFilterStrategy
getServiceMethodName
in class SessionAuthorizationFilterStrategy
Copyright © 2018. All rights reserved.