org.restlet.security
Class Authorizer

java.lang.Object
  extended by org.restlet.Restlet
      extended by org.restlet.routing.Filter
          extended by org.restlet.security.Authorizer
All Implemented Interfaces:
Uniform
Direct Known Subclasses:
ConfidentialAuthorizer, MethodAuthorizer, RoleAuthorizer

public abstract class Authorizer
extends Filter

Filter authorizing inbound request. It can be attached to protect a set of downstream Restlet and ServerResource objects.

Author:
Jerome Louvel
See Also:
User Guide - Authorization

Field Summary
static Authorizer ALWAYS
          Authorizer returning true all the time.
static Authorizer AUTHENTICATED
          Authorizer returning true for all authenticated requests.
static Authorizer NEVER
          Authorizer returning false all the time.
 
Fields inherited from class org.restlet.routing.Filter
CONTINUE, SKIP, STOP
 
Constructor Summary
Authorizer()
          Default constructor.
Authorizer(String identifier)
          Constructor.
 
Method Summary
protected abstract  boolean authorize(Request request, Response response)
          Attempts to authorize the request.
protected  int authorized(Request request, Response response)
          Invoked upon successful authorization.
protected  int beforeHandle(Request request, Response response)
          Allows filtering before processing by the next Restlet.
 String getIdentifier()
          Returns the identifier unique within an application.
 void setIdentifier(String identifier)
          Sets the identifier unique within an application.
protected  int unauthorized(Request request, Response response)
          Invoked upon failed authorization.
 
Methods inherited from class org.restlet.routing.Filter
afterHandle, doHandle, getNext, handle, hasNext, setNext, setNext, start, stop
 
Methods inherited from class org.restlet.Restlet
createFinder, finalize, getApplication, getAuthor, getContext, getDescription, getFinderClass, getLogger, getName, getOwner, handle, handle, handle, isStarted, isStopped, setAuthor, setContext, setDescription, setFinderClass, setName, setOwner
 
Methods inherited from class java.lang.Object
clone, equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

ALWAYS

public static final Authorizer ALWAYS
Authorizer returning true all the time.


AUTHENTICATED

public static final Authorizer AUTHENTICATED
Authorizer returning true for all authenticated requests. For unauthenticated requests, it sets the response's status to Status.CLIENT_ERROR_UNAUTHORIZED instead of the default Status.CLIENT_ERROR_FORBIDDEN.

See Also:
ClientInfo.isAuthenticated()

NEVER

public static final Authorizer NEVER
Authorizer returning false all the time.

Constructor Detail

Authorizer

public Authorizer()
Default constructor.


Authorizer

public Authorizer(String identifier)
Constructor.

Parameters:
identifier - The identifier unique within an application.
Method Detail

authorize

protected abstract boolean authorize(Request request,
                                     Response response)
Attempts to authorize the request.

Parameters:
request - The request sent.
response - The response to update.
Returns:
True if the authorization succeeded.

authorized

protected int authorized(Request request,
                         Response response)
Invoked upon successful authorization. Returns Filter.CONTINUE by default.

Parameters:
request - The request sent.
response - The response to update.
Returns:
The filter continuation code.

beforeHandle

protected int beforeHandle(Request request,
                           Response response)
Description copied from class: Filter
Allows filtering before processing by the next Restlet. Returns Filter.CONTINUE by default.

Overrides:
beforeHandle in class Filter
Parameters:
request - The request to handle.
response - The response to update.
Returns:
The continuation status. Either Filter.CONTINUE or Filter.SKIP or Filter.STOP.

getIdentifier

public String getIdentifier()
Returns the identifier unique within an application.

Returns:
The identifier unique within an application.

setIdentifier

public void setIdentifier(String identifier)
Sets the identifier unique within an application.

Parameters:
identifier - The identifier unique within an application.

unauthorized

protected int unauthorized(Request request,
                           Response response)
Invoked upon failed authorization. Sets the status to Status.CLIENT_ERROR_FORBIDDEN and returns Filter.STOP by default.

Parameters:
request - The request sent.
response - The response to update.
Returns:
The filter continuation code.


Copyright © 2005-2013 Restlet.