Class ProtectedWebEndpointMatcher
- java.lang.Object
-
- de.xima.fc.security.pac4j.matching.matcher.ProtectedWebEndpointMatcher
-
- All Implemented Interfaces:
org.pac4j.core.matching.matcher.Matcher
public class ProtectedWebEndpointMatcher extends Object implements org.pac4j.core.matching.matcher.Matcher
Custom pac4jmatcher
for checking if theweb endpoint
of the request is a protected endpoint. This matcher is needed for portal views which may be public. URIs of public portal views are not known beforehand and therefore can not be excluded from the filter mapping for the pac4j security config (seefc-security/src/main/resources/META-INF/web-fragment.xml
). For this reason this matcher is needed (using anonymous profiles instead is also not an option because that would lead to problems with redirection in unauthorized cases). DO NOT use this matcher by itself with custom web context (request, response), because the web endpoint and context information that is to be checked is injected via CDI. Therefore the given request is not analyzed / used. CDI is used instead of the given web context (request, response) for performance reasons.- Since:
- 8.0.0
- Author:
- XIMA Media GmbH
-
-
Field Summary
Fields Modifier and Type Field Description static org.pac4j.core.matching.matcher.Matcher
INSTANCE
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
matches(org.pac4j.core.context.WebContext context, org.pac4j.core.context.session.SessionStore sessionStore)
Checks if the web endpoint of the current request is a protected web endpoint and therefore needs authorization checks.
-
-
-
Method Detail
-
matches
public boolean matches(org.pac4j.core.context.WebContext context, org.pac4j.core.context.session.SessionStore sessionStore)
Checks if the web endpoint of the current request is a protected web endpoint and therefore needs authorization checks. ATTEENTION! Uses CDI to check the web endpoint and NOT the given web context (is the same if used in normal pac4j security flow)!- Specified by:
matches
in interfaceorg.pac4j.core.matching.matcher.Matcher
- Returns:
true
if the web endpoint of the current request is a protected endpoint which needs authorization checks andfalse
if it is a public web endpoint (e.g. public portal views) and therefore does not need authorization checks.
-
-