Class WebEndpointAuthorizer

  • All Implemented Interfaces:
    org.pac4j.core.authorization.authorizer.Authorizer

    public class WebEndpointAuthorizer
    extends org.pac4j.core.authorization.authorizer.AbstractCheckAuthenticationAuthorizer
    Checks authorization to formcycle web endpoints based on the current servlet request, i.e. JSF pages or servlets. DO NOT use this authorizer by itself with custom web context (request, response), because the web endpoint and context information that is to be checked is injected via CDI. Therefore, the given request is not analyzed / used. CDI is used instead of the given web context (request, response) for performance reasons.
    Since:
    8.0.0.
    Author:
    XIMA Media GmbH
    • Field Summary

      Fields 
      Modifier and Type Field Description
      static org.pac4j.core.authorization.authorizer.Authorizer INSTANCE  
    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      protected boolean handleError​(org.pac4j.core.context.WebContext context, org.pac4j.core.context.session.SessionStore sessionStore)  
      boolean isAuthorized​(org.pac4j.core.context.WebContext context, org.pac4j.core.context.session.SessionStore sessionStore, List<org.pac4j.core.profile.UserProfile> profiles)  
      protected boolean isProfileAuthorized​(org.pac4j.core.context.WebContext context, org.pac4j.core.context.session.SessionStore sessionStore, org.pac4j.core.profile.UserProfile profile)  
      • Methods inherited from class org.pac4j.core.authorization.authorizer.AbstractCheckAuthenticationAuthorizer

        getRedirectionUrl, setRedirectionUrl, toString
      • Methods inherited from class org.pac4j.core.authorization.authorizer.ProfileAuthorizer

        isAllAuthorized, isAnyAuthorized
    • Field Detail

      • INSTANCE

        public static final org.pac4j.core.authorization.authorizer.Authorizer INSTANCE
    • Constructor Detail

      • WebEndpointAuthorizer

        public WebEndpointAuthorizer()
    • Method Detail

      • isAuthorized

        public boolean isAuthorized​(org.pac4j.core.context.WebContext context,
                                    org.pac4j.core.context.session.SessionStore sessionStore,
                                    List<org.pac4j.core.profile.UserProfile> profiles)
      • handleError

        protected boolean handleError​(org.pac4j.core.context.WebContext context,
                                      org.pac4j.core.context.session.SessionStore sessionStore)
        Overrides:
        handleError in class org.pac4j.core.authorization.authorizer.AbstractCheckAuthenticationAuthorizer
      • isProfileAuthorized

        protected boolean isProfileAuthorized​(org.pac4j.core.context.WebContext context,
                                              org.pac4j.core.context.session.SessionStore sessionStore,
                                              org.pac4j.core.profile.UserProfile profile)
        Specified by:
        isProfileAuthorized in class org.pac4j.core.authorization.authorizer.ProfileAuthorizer