You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@unomi.apache.org by jk...@apache.org on 2021/03/31 17:48:17 UTC
[unomi] branch guestAuthenticationPublicRest updated: UNOMI-453:
update java doc (again)
This is an automated email from the ASF dual-hosted git repository.
jkevan pushed a commit to branch guestAuthenticationPublicRest
in repository https://gitbox.apache.org/repos/asf/unomi.git
The following commit(s) were added to refs/heads/guestAuthenticationPublicRest by this push:
new d1f1d85 UNOMI-453: update java doc (again)
d1f1d85 is described below
commit d1f1d85b61feac47f59f5a1b871bdf0f6bf49834
Author: Kevan <ke...@jahia.com>
AuthorDate: Wed Mar 31 19:48:11 2021 +0200
UNOMI-453: update java doc (again)
---
.../unomi/rest/authentication/AuthorizingInterceptor.java | 13 ++++++++++---
.../unomi/rest/authentication/RestAuthenticationConfig.java | 9 +++++----
2 files changed, 15 insertions(+), 7 deletions(-)
diff --git a/rest/src/main/java/org/apache/unomi/rest/authentication/AuthorizingInterceptor.java b/rest/src/main/java/org/apache/unomi/rest/authentication/AuthorizingInterceptor.java
index fa2ab8d..39664a7 100644
--- a/rest/src/main/java/org/apache/unomi/rest/authentication/AuthorizingInterceptor.java
+++ b/rest/src/main/java/org/apache/unomi/rest/authentication/AuthorizingInterceptor.java
@@ -22,9 +22,7 @@ import java.lang.reflect.Method;
import java.util.List;
/**
- * Override of the SimpleAuthorizingInterceptor
- * In charge of testing role on method access
- * The override allow to define roles mapping based on Class.method instead of only method names.
+ * Authorizing interceptor is in charge of testing that current authenticate user have the expected role during method access
*/
public class AuthorizingInterceptor extends SimpleAuthorizingInterceptor {
@@ -34,6 +32,15 @@ public class AuthorizingInterceptor extends SimpleAuthorizingInterceptor {
setMethodRolesMap(restAuthenticationConfig.getMethodRolesMap());
}
+ /**
+ * Returns a list of expected roles for a given method.
+ *
+ * This override provide an additional lookup to the default implementation
+ * It's now possible resolve role mapping using this syntax: CLASS_NAME.METHOD_NAME
+ *
+ * @param method Method
+ * @return list, empty if no roles are available
+ */
@Override
protected List<String> getExpectedRoles(Method method) {
// let super class calculate the roles to see if he is able to find something
diff --git a/rest/src/main/java/org/apache/unomi/rest/authentication/RestAuthenticationConfig.java b/rest/src/main/java/org/apache/unomi/rest/authentication/RestAuthenticationConfig.java
index e18a201..601f8de 100644
--- a/rest/src/main/java/org/apache/unomi/rest/authentication/RestAuthenticationConfig.java
+++ b/rest/src/main/java/org/apache/unomi/rest/authentication/RestAuthenticationConfig.java
@@ -24,14 +24,15 @@ import java.util.regex.Pattern;
* This interface provide rest authentication configuration for the rest server.
*/
public interface RestAuthenticationConfig {
-
+
/**
- * The patterns will be tested against this format: "HTTP_METHOD HTTP_PATH"
+ * This provide the patterns to identify public endpoints
+ * The patterns will be tested against this format: "HTTP_METHOD HTTP_PATH_WITHOUT_CXS_PREFIX", like: "GET context.json"
*
- * sample pattern for allowing GET, POST and OPTIONS on context.json request would be:
+ * sample pattern for identify GET, POST and OPTIONS on "/cxs/context.json" as public requests would be:
* "(GET|POST|OPTIONS) context\\.json"
*
- * sample pattern for allowing GET only on all paths starting by "client/":
+ * sample pattern for identify GET only on all paths starting by "/cxs/client/" as public requests would be:
* "GET client/.*"
*
* @return the list of public paths patterns