public class LogServiceSessionAuthorizationFilter extends SessionAuthorizationFilterStrategy implements javax.servlet.Filter
| Modifier and Type | Field and Description |
|---|---|
protected static org.apache.commons.logging.Log |
logger |
| Constructor and Description |
|---|
LogServiceSessionAuthorizationFilter() |
| Modifier and Type | Method and Description |
|---|---|
protected void |
addAuthenticatedSubjectsToRequest(org.dataone.cn.servlet.http.ProxyServletRequestWrapper proxyRequest,
org.dataone.service.types.v1.Session session,
org.dataone.service.types.v1.Subject authorizedSubject)
Allows concrete implementations of SessionAuthorizationFilterStrategy to determine how/what authenticated
subjects are added to the request's parameter values - ParameterKeys.AUTHORIZED_SUBJECTS, as well as if public
user and authenticated user constants are provided.
|
protected String |
getServiceMethodName()
The service name to look up for additional admin users defined for the services service method restrictions.
|
protected void |
handleNoCertificateManagerSession(org.dataone.cn.servlet.http.ProxyServletRequestWrapper proxyRequest,
javax.servlet.ServletResponse response,
javax.servlet.FilterChain fc)
Allows concrete implementations of SessionAuthorizationFilterStrategy to determine what access (if any) to allow
requests that do have session information available from the dataONE CertificateManager.
|
destroy, doFilter, initpublic LogServiceSessionAuthorizationFilter()
protected void addAuthenticatedSubjectsToRequest(org.dataone.cn.servlet.http.ProxyServletRequestWrapper proxyRequest,
org.dataone.service.types.v1.Session session,
org.dataone.service.types.v1.Subject authorizedSubject)
throws org.dataone.service.exceptions.ServiceFailure,
org.dataone.service.exceptions.NotAuthorized,
org.dataone.service.exceptions.NotImplemented
SessionAuthorizationFilterStrategyaddAuthenticatedSubjectsToRequest in class SessionAuthorizationFilterStrategyorg.dataone.service.exceptions.ServiceFailureorg.dataone.service.exceptions.NotAuthorizedorg.dataone.service.exceptions.NotImplementedprotected void handleNoCertificateManagerSession(org.dataone.cn.servlet.http.ProxyServletRequestWrapper proxyRequest,
javax.servlet.ServletResponse response,
javax.servlet.FilterChain fc)
throws javax.servlet.ServletException,
IOException,
org.dataone.service.exceptions.NotAuthorized
SessionAuthorizationFilterStrategyhandleNoCertificateManagerSession in class SessionAuthorizationFilterStrategyjavax.servlet.ServletExceptionIOExceptionorg.dataone.service.exceptions.NotAuthorizedprotected String getServiceMethodName()
SessionAuthorizationFilterStrategygetServiceMethodName in class SessionAuthorizationFilterStrategyCopyright © 2020. All rights reserved.