Package org.pac4j.core.authorization.checker

Class DefaultAuthorizationChecker

java.lang.Object

org.pac4j.core.authorization.checker.DefaultAuthorizationChecker

All Implemented Interfaces:

AuthorizationChecker

public class DefaultAuthorizationChecker
extends java.lang.Object
implements AuthorizationChecker

Default way to check the authorizations (with default authorizers).

Since:

1.8.0

Author:

Jerome Leleu

Field Summary

Fields

Modifier and Type	Field	Description
protected static CsrfAuthorizer	CSRF_AUTHORIZER
protected static IsAnonymousAuthorizer	IS_ANONYMOUS_AUTHORIZER
protected static IsAuthenticatedAuthorizer	IS_AUTHENTICATED_AUTHORIZER
protected static IsFullyAuthenticatedAuthorizer	IS_FULLY_AUTHENTICATED_AUTHORIZER
protected static IsRememberedAuthorizer	IS_REMEMBERED_AUTHORIZER

Constructor Summary

Constructors

Constructor	Description
DefaultAuthorizationChecker()

Method Summary

Modifier and Type	Method	Description
protected java.util.List<Authorizer>	computeAuthorizers(WebContext context, java.util.List<UserProfile> profiles, java.lang.String authorizersValue, java.util.Map<java.lang.String,Authorizer> authorizersMap, java.util.List<Client> clients)
protected java.util.List<Authorizer>	computeAuthorizersFromNames(java.lang.String authorizerNames, java.util.Map<java.lang.String,Authorizer> authorizersMap)
protected java.util.List<Authorizer>	computeDefaultAuthorizers(WebContext context, java.util.List<UserProfile> profiles, java.util.List<Client> clients, java.util.Map<java.lang.String,Authorizer> authorizersMap)
protected boolean	containsClientType(java.util.List<Client> clients, java.lang.Class<? extends Client> clazz)
boolean	isAuthorized(WebContext context, SessionStore sessionStore, java.util.List<UserProfile> profiles, java.lang.String authorizersValue, java.util.Map<java.lang.String,Authorizer> authorizersMap, java.util.List<Client> clients)	Check whether the user is authorized.
protected boolean	isAuthorized(WebContext context, SessionStore sessionStore, java.util.List<UserProfile> profiles, java.util.List<Authorizer> authorizers)
protected Authorizer	retrieveAuthorizer(java.lang.String authorizerName, java.util.Map<java.lang.String,Authorizer> authorizersMap)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

CSRF_AUTHORIZER

protected static final CsrfAuthorizer CSRF_AUTHORIZER

IS_ANONYMOUS_AUTHORIZER

protected static final IsAnonymousAuthorizer IS_ANONYMOUS_AUTHORIZER

IS_AUTHENTICATED_AUTHORIZER

protected static final IsAuthenticatedAuthorizer IS_AUTHENTICATED_AUTHORIZER

IS_FULLY_AUTHENTICATED_AUTHORIZER

protected static final IsFullyAuthenticatedAuthorizer IS_FULLY_AUTHENTICATED_AUTHORIZER

IS_REMEMBERED_AUTHORIZER

protected static final IsRememberedAuthorizer IS_REMEMBERED_AUTHORIZER

Constructor Detail

DefaultAuthorizationChecker

public DefaultAuthorizationChecker()

Method Detail

isAuthorized

public boolean isAuthorized(WebContext context,
                            SessionStore sessionStore,
                            java.util.List<UserProfile> profiles,
                            java.lang.String authorizersValue,
                            java.util.Map<java.lang.String,Authorizer> authorizersMap,
                            java.util.List<Client> clients)

Description copied from interface: AuthorizationChecker

Check whether the user is authorized.

Specified by:

isAuthorized in interface AuthorizationChecker

Parameters:

context - the web context

sessionStore - the session store

profiles - the profile

authorizersValue - the authorizers

authorizersMap - the map of authorizers

clients - the clients

Returns:

whether the user is authorized.

computeAuthorizers

protected java.util.List<Authorizer> computeAuthorizers(WebContext context,
                                                        java.util.List<UserProfile> profiles,
                                                        java.lang.String authorizersValue,
                                                        java.util.Map<java.lang.String,Authorizer> authorizersMap,
                                                        java.util.List<Client> clients)

computeDefaultAuthorizers

protected java.util.List<Authorizer> computeDefaultAuthorizers(WebContext context,
                                                               java.util.List<UserProfile> profiles,
                                                               java.util.List<Client> clients,
                                                               java.util.Map<java.lang.String,Authorizer> authorizersMap)

computeAuthorizersFromNames

protected java.util.List<Authorizer> computeAuthorizersFromNames(java.lang.String authorizerNames,
                                                                 java.util.Map<java.lang.String,Authorizer> authorizersMap)

retrieveAuthorizer

protected Authorizer retrieveAuthorizer(java.lang.String authorizerName,
                                        java.util.Map<java.lang.String,Authorizer> authorizersMap)

containsClientType

protected boolean containsClientType(java.util.List<Client> clients,
                                     java.lang.Class<? extends Client> clazz)

isAuthorized

protected boolean isAuthorized(WebContext context,
                               SessionStore sessionStore,
                               java.util.List<UserProfile> profiles,
                               java.util.List<Authorizer> authorizers)