Package org.chenile.security.interceptor

Class SecurityInterceptor

java.lang.Object

org.chenile.core.interceptors.BaseChenileInterceptor

org.chenile.security.interceptor.SecurityInterceptor

All Implemented Interfaces:

Command<ChenileExchange>

public class SecurityInterceptor
extends BaseChenileInterceptor

This interceptor uses SecurityConfig to secure this particular resource.It first looks at the SecurityConfig to see if there are any guarding authorities for this service. If there are none then this interceptor does nothing.
Next, it looks at the authorities of the signed-in user. It throws a 401 (UNAUTHORIZED) if the authorities don't exist for the current user. Now, it compares current authorities with the guarding authorities for this service. It lets the user in if even one of the guarding authorities exist for the current user. Else it throws a 403 (FORBIDDEN)
Finally, if the SecurityConfig says that the resource is UNPROTECTED, it does not do anything
Please see SecurityConfig for more details about the various annotation fields and how they are used

Field Summary

Fields

Modifier and Type	Field	Description
private static final org.slf4j.Logger	logger
(package private) SecurityService	securityService

Constructor Summary

Constructors

Constructor	Description
SecurityInterceptor()

Method Summary

Modifier and Type	Method	Description
protected boolean	bypassInterception(ChenileExchange exchange)	This bypasses the logic only if the security config is configured to be unprotected or if the security config does not exist at all. Also, we will only enforce it in the HTTP end point.
protected void	doPreProcessing(ChenileExchange exchange)	Override this to do pre-processing.

Methods inherited from class org.chenile.core.interceptors.BaseChenileInterceptor

doContinue, doPostProcessing, execute, getExtensionByAnnotation, getExtensionByAnnotation, resumeFromSavedPoint, savePoint

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

logger

private static final org.slf4j.Logger logger

securityService

@Autowired
SecurityService securityService

Constructor Details

SecurityInterceptor

public SecurityInterceptor()

Method Details

doPreProcessing

protected void doPreProcessing(ChenileExchange exchange)

Description copied from class: BaseChenileInterceptor

Override this to do pre-processing. This will be called before the service is invoked. Don't expect to see exception or response being set in ChenileExchange. However you can check for ChenileExchange.getBody() to manipulate the body if this interceptor is a Chenile post processor or a service specific or operation specific interceptor.
If this interceptor is a Chenile pre-processor, then ChenileExchange.getBody() will return null. Then you need to look at headers only.

Overrides:

doPreProcessing in class BaseChenileInterceptor

bypassInterception

protected boolean bypassInterception(ChenileExchange exchange)

This bypasses the logic only if the security config is configured to be unprotected or if the security config does not exist at all.
Also, we will only enforce it in the HTTP end point. We assume that all the other end points are secured

Overrides:

bypassInterception in class BaseChenileInterceptor

Parameters:

exchange - the exchange

Returns:

true if the SecurityConfig is configured to be UNPROTECTED or if config is missing