Class ACLFilter

java.lang.Object
jakarta.servlet.GenericFilter
jakarta.servlet.http.HttpFilter
org.dogtagpki.server.rest.v2.filters.ACLFilter
All Implemented Interfaces:
jakarta.servlet.Filter, jakarta.servlet.FilterConfig, Serializable
Direct Known Subclasses:
AccountACL, AuditACL, GroupACL, SecurityDomainACL, SelfTestACL, UserACL
public abstract class ACLFilter extends jakarta.servlet.http.HttpFilter
Basic ACL filter for REST APIs Subclasses can associate ACL to servlet, URLPatterns or specific endpoints. The setAcl(String) method will assign a default ACL to use for all the associated entities (servlet or pattern). To provide a finer grained ACL it is possible to specify a map with the method setAclMap(Map). The map value is the ACL to use while the key is the endpoint where the ACL has to be applied. The key formal is: key= : The method is one of the HTTP method as defined in Java servlet request (e.g. GET, POST, etc.). The path is the endpoint in the associated servlet where the ACL has to be applied. If there is a REST path param this can be indicated with the sequence "{}". Example of ACL a servlet handking token could be: default acl: token.read ACLMap: key= POST:token value=token.add key= PUT:token/{} value=token.modify key= DELETE:token/{} value=token.delete
Author:
Marco Fargetta <mfargett@redhat.com>, Endi S. Dewata
See Also:

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final org.slf4j.Logger
    logger
     

  • Constructor Summary

    Constructors
    Constructor
    Description
    ACLFilter()
     

  • Method Summary

    Modifier and Type
    Method
    Description
    protected void
    checkACL(jakarta.servlet.http.HttpServletRequest request, String aclName)
     
    void
    doFilter(jakarta.servlet.ServletRequest request, jakarta.servlet.ServletResponse response, jakarta.servlet.FilterChain chain)
     
    void
    setAcl(String acl)
     
    void
    setAclMap(Map<String,String> acls)
     

    Methods inherited from class jakarta.servlet.http.HttpFilter

    doFilter

    Methods inherited from class jakarta.servlet.GenericFilter

    getFilterConfig, getFilterName, getInitParameter, getInitParameterNames, getServletContext, init, init

    Methods inherited from class Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    Methods inherited from interface jakarta.servlet.Filter

    destroy

  • Field Details

    • logger

      public static final org.slf4j.Logger logger

  • Constructor Details

    • ACLFilter

      public ACLFilter()

  • Method Details

    • doFilter

      public void doFilter(jakarta.servlet.ServletRequest request, jakarta.servlet.ServletResponse response, jakarta.servlet.FilterChain chain) throws IOException, jakarta.servlet.ServletException
      Specified by:
      doFilter in interface jakarta.servlet.Filter
      Overrides:
      doFilter in class jakarta.servlet.http.HttpFilter
      Throws:
      IOException
      jakarta.servlet.ServletException

    • checkACL

      protected void checkACL(jakarta.servlet.http.HttpServletRequest request, String aclName) throws ForbiddenException
      Throws:
      ForbiddenException

    • setAcl

      public void setAcl(String acl)

    • setAclMap

      public void setAclMap(Map<String,String> acls)