Class UserRoleAuthorizationInterceptor
- java.lang.Object
- org.springframework.web.portlet.handler.HandlerInterceptorAdapter
- org.springframework.web.portlet.handler.UserRoleAuthorizationInterceptor
- All Implemented Interfaces:
HandlerInterceptor
public class UserRoleAuthorizationInterceptor extends HandlerInterceptorAdapter
Interceptor that checks the authorization of the current user via the user's roles, as evaluated by PortletRequest's isUserInRole method.- Since:
- 2.0
- Author:
- John A. Lewis, Juergen Hoeller
- See Also:
PortletRequest.isUserInRole(java.lang.String)
Constructor Summary
Constructors Constructor Description UserRoleAuthorizationInterceptor()
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected void
handleNotAuthorized(PortletRequest request, PortletResponse response, Object handler)
Handle a request that is not authorized according to this interceptor.boolean
preHandle(PortletRequest request, PortletResponse response, Object handler)
Default callback that all "pre*" methods delegate to.void
setAuthorizedRoles(String... authorizedRoles)
Set the roles that this interceptor should treat as authorized.Methods inherited from class org.springframework.web.portlet.handler.HandlerInterceptorAdapter
afterActionCompletion, afterCompletion, afterEventCompletion, afterRenderCompletion, afterResourceCompletion, postHandleRender, postHandleResource, preHandleAction, preHandleEvent, preHandleRender, preHandleResource
Constructor Detail
UserRoleAuthorizationInterceptor
public UserRoleAuthorizationInterceptor()
Method Detail
setAuthorizedRoles
public final void setAuthorizedRoles(String... authorizedRoles)
Set the roles that this interceptor should treat as authorized.- Parameters:
authorizedRoles
- array of role names
preHandle
public final boolean preHandle(PortletRequest request, PortletResponse response, Object handler) throws PortletException, IOException
Description copied from class:HandlerInterceptorAdapter
Default callback that all "pre*" methods delegate to.This implementation always returns
true
.- Overrides:
preHandle
in classHandlerInterceptorAdapter
- Throws:
PortletException
IOException
handleNotAuthorized
protected void handleNotAuthorized(PortletRequest request, PortletResponse response, Object handler) throws PortletException, IOException
Handle a request that is not authorized according to this interceptor. Default implementation throws a new PortletSecurityException.This method can be overridden to write a custom message, forward or redirect to some error page or login page, or throw a PortletException.
- Parameters:
request
- current portlet requestresponse
- current portlet responsehandler
- chosen handler to execute, for type and/or instance evaluation- Throws:
PortletException
- if there is an internal errorIOException
- in case of an I/O error when writing the response