Package fish.payara.appserver.cdi.auth.roles

Class RolesPermittedInterceptor

java.lang.Object

fish.payara.appserver.cdi.auth.roles.RolesPermittedInterceptor

All Implemented Interfaces:

Serializable

@Interceptor
@Priority(5000)
public class RolesPermittedInterceptor
extends Object
implements Serializable

The RolesPermitted Interceptor authenticates requests to methods and classes annotated with the @RolesPermitted annotation. If the security context cannot find a role within the requestor which matches either all (if using the AND semantic within the RolesPermitted annotation) or one of (if using the OR semantic within the RolesPermitted annotation), then a CallerAccessException is thrown.

Author:

Michael Ranaldo , Arjan Tijms

See Also:

Serialized Form

Constructor Summary

Constructors

Constructor	Description
RolesPermittedInterceptor(jakarta.enterprise.inject.spi.Bean<?> interceptedBean)

Method Summary

Modifier and Type	Method	Description
boolean	checkAccessPermitted(RolesPermitted roles, jakarta.interceptor.InvocationContext invocationContext)	Check that the roles allowed by the class or method match the roles currently granted to the caller.
static <A extends Annotation> Optional<A>	getAnnotationFromMethod(jakarta.enterprise.inject.spi.BeanManager beanManager, Method annotatedMethod, Class<A> annotationType)
Object	method(jakarta.interceptor.InvocationContext invocationContext)	Method invoked whenever a method annotated with @Roles, or a method within a class annotated with @Roles is called.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

RolesPermittedInterceptor

@Inject
public RolesPermittedInterceptor(@Intercepted
                                 jakarta.enterprise.inject.spi.Bean<?> interceptedBean)

Method Detail

method

public Object method(jakarta.interceptor.InvocationContext invocationContext)
              throws Exception

Method invoked whenever a method annotated with @Roles, or a method within a class annotated with @Roles is called.

Parameters:

invocationContext - Context provided by Weld.

Returns:

Proceed to next interceptor in chain.

Throws:

Exception

CallerAccessException - if access is not permitted

checkAccessPermitted

public boolean checkAccessPermitted(RolesPermitted roles,
                                    jakarta.interceptor.InvocationContext invocationContext)

Check that the roles allowed by the class or method match the roles currently granted to the caller.

Parameters:

roles - The roles declared within the @Roles annotation.

invocationContext -

Returns:

True if access is allowed, false otherwise

getAnnotationFromMethod

public static <A extends Annotation> Optional<A> getAnnotationFromMethod(jakarta.enterprise.inject.spi.BeanManager beanManager,
                                                                         Method annotatedMethod,
                                                                         Class<A> annotationType)