Constructor Detail

• AbstractAuthorizingInInterceptor

  public AbstractAuthorizingInInterceptor()

• AbstractAuthorizingInInterceptor

  public AbstractAuthorizingInInterceptor(boolean uniqueId)

Method Detail

• handleMessage

  public void handleMessage(org.apache.cxf.message.Message message)
                     throws org.apache.cxf.interceptor.Fault

  Throws:

  org.apache.cxf.interceptor.Fault

• getTargetMethod

  protected Method getTargetMethod(org.apache.cxf.message.Message m)

• authorize

  protected boolean authorize(org.apache.cxf.security.SecurityContext sc,
                  Method method)

• isMethodProtected

  protected boolean isMethodProtected(Method method)

• isUserInRole

  protected boolean isUserInRole(org.apache.cxf.security.SecurityContext sc,
                     List<String> roles,
                     boolean deny)

• getExpectedRoles

  protected abstract List<String> getExpectedRoles(Method method)

  Returns a list of expected roles for a given method.

  Parameters:

  method - Method

  Returns:

  list, empty if no roles are available

• getDenyRoles

  protected List<String> getDenyRoles(Method method)

  Returns a list of roles to be denied for a given method.

  Parameters:

  method - Method

  Returns:

  list, empty if no roles are available

• isAllowAnonymousUsers

  public boolean isAllowAnonymousUsers()

• setAllowAnonymousUsers

  public void setAllowAnonymousUsers(boolean allowAnonymousUsers)