toolbox.web
Class PermissionFilter

Package class diagram package PermissionFilter
java.lang.Object
  extended by toolbox.web.PermissionFilter
All Implemented Interfaces:
javax.servlet.Filter

public class PermissionFilter
extends java.lang.Object
implements javax.servlet.Filter

Filter implementation to apply transparent access permissions to web applications developed using the Toolbox API. The filter obtains a collection of access permissions from an XML configuration file.


Nested Class Summary
(package private)  class PermissionFilter.Permission
          Inner class that represents a single access permission.
 
Constructor Summary
PermissionFilter()
          Default constructor
 
Method Summary
 void destroy()
          Destroy this filter
 void doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain)
          Attempt to authorise the session to access the requested resource (template/action).
 void init(javax.servlet.FilterConfig config)
          Initialise the filter by parsing the XML configuration and creating an in memory image of the access permissions.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

PermissionFilter

public PermissionFilter()
Default constructor

Method Detail

init

public void init(javax.servlet.FilterConfig config)
          throws javax.servlet.ServletException
Initialise the filter by parsing the XML configuration and creating an in memory image of the access permissions.

Specified by:
init in interface javax.servlet.Filter
Parameters:
config - Filter configuration.
Throws:
javax.servlet.ServletException - if the filter cannot be initialised.

doFilter

public void doFilter(javax.servlet.ServletRequest request,
                     javax.servlet.ServletResponse response,
                     javax.servlet.FilterChain chain)
              throws javax.servlet.ServletException,
                     java.io.IOException
Attempt to authorise the session to access the requested resource (template/action).

Specified by:
doFilter in interface javax.servlet.Filter
Parameters:
request - The servlet request.
response - The servlet response.
chain - The filter chain.
Throws:
javax.servlet.ServletException - if an exception occurs during authorisation.
java.io.IOException - if an exception occurs during authorisation.

destroy

public void destroy()
Destroy this filter

Specified by:
destroy in interface javax.servlet.Filter