org.apache.geronimo.jetty.interceptor
Class SecurityContextBeforeAfter

java.lang.Object
  org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter

All Implemented Interfaces:

BeforeAfter

public class SecurityContextBeforeAfter
extends Object
implements BeforeAfter

Constructor Summary

SecurityContextBeforeAfter(BeforeAfter next, int policyContextIDIndex, int webAppContextIndex, String policyContextID, org.apache.geronimo.security.deploy.DefaultPrincipal defaultPrincipal, org.mortbay.http.Authenticator authenticator, PermissionCollection checkedPermissions, PermissionCollection excludedPermissions, JAASJettyRealm realm, ClassLoader classLoader)

Method Summary

void	after(Object[] context, org.mortbay.http.HttpRequest httpRequest, org.mortbay.http.HttpResponse httpResponse)
void	before(Object[] context, org.mortbay.http.HttpRequest httpRequest, org.mortbay.http.HttpResponse httpResponse)
boolean	checkSecurityConstraints(String pathInContext, org.mortbay.http.HttpRequest request, org.mortbay.http.HttpResponse response) Check the security constraints using JACC.
protected JAASJettyPrincipal	generateDefaultPrincipal(org.apache.geronimo.security.deploy.DefaultPrincipal defaultPrincipal, ClassLoader classLoader) Generate the default principal from the security config.
void	stop(JettyContainer jettyContainer)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SecurityContextBeforeAfter

public SecurityContextBeforeAfter(BeforeAfter next,
                                  int policyContextIDIndex,
                                  int webAppContextIndex,
                                  String policyContextID,
                                  org.apache.geronimo.security.deploy.DefaultPrincipal defaultPrincipal,
                                  org.mortbay.http.Authenticator authenticator,
                                  PermissionCollection checkedPermissions,
                                  PermissionCollection excludedPermissions,
                                  JAASJettyRealm realm,
                                  ClassLoader classLoader)

Method Detail

stop

public void stop(JettyContainer jettyContainer)

before

public void before(Object[] context,
                   org.mortbay.http.HttpRequest httpRequest,
                   org.mortbay.http.HttpResponse httpResponse)

Specified by:

before in interface BeforeAfter

after

public void after(Object[] context,
                  org.mortbay.http.HttpRequest httpRequest,
                  org.mortbay.http.HttpResponse httpResponse)

Specified by:

after in interface BeforeAfter

checkSecurityConstraints

public boolean checkSecurityConstraints(String pathInContext,
                                        org.mortbay.http.HttpRequest request,
                                        org.mortbay.http.HttpResponse response)
                                 throws org.mortbay.http.HttpException,
                                        IOException

Check the security constraints using JACC.

Parameters:

pathInContext - path in context

request - HTTP request

response - HTTP response

Returns:

true if the path in context passes the security check, false if it fails or a redirection has occured during authentication.

Throws:

org.mortbay.http.HttpException

IOException

generateDefaultPrincipal

protected JAASJettyPrincipal generateDefaultPrincipal(org.apache.geronimo.security.deploy.DefaultPrincipal defaultPrincipal,
                                                      ClassLoader classLoader)
                                               throws org.apache.geronimo.common.GeronimoSecurityException

Generate the default principal from the security config.

Parameters:

defaultPrincipal - The Geronimo security configuration.

classLoader -

Returns:

the default principal

Throws:

org.apache.geronimo.common.GeronimoSecurityException