|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectcom.sun.jersey.oauth.server.api.OAuthServerFilter
public class OAuthServerFilter
OAuth request filter that filters all requests indicating in the Authorization header they use OAuth. Checks if the incoming requests are properly authenticated and populates the security context with the corresponding user principal and roles.
When an application is deployed as a Servlet or Filter this Jersey filter can be registered using the following initialization parameters:
<init-param> <param-name>com.sun.jersey.spi.container.ContainerRequestFilters</param-name> <param-value>com.sun.jersey.oauth.server.api.OAuthServerFilter</param-value> </init-param>
This filter requires an implementation of OAuthProvider
interface to be
included in the list of providers of the application (e.g. by annotating it
using the Provider
annotation and having it on the scanning classpath).
The constants in this class indicate how you can parameterize this filter. E.g. when an application is deployed as a Servlet or Filter you can set the path patern to be ignored by this filter using the following initialization parameter:
<init-param> <param-name>com.sun.jersey.config.property.oauth.ignorePathPattern</param-name> <param-value>/login</param-value> </init-param>
Field Summary | |
---|---|
static java.lang.String |
FEATURE_NO_FAIL
If set to true makes the correct OAuth authentication optional - i.e. |
static java.lang.String |
PROPERTY_GC_PERIOD
Property that can be set to frequency of collecting nonces exceeding max. |
static java.lang.String |
PROPERTY_IGNORE_PATH_PATTERN
Property that can be set to a regular expression used to match the path (relative to the base URI) this filter should not be applied to. |
static java.lang.String |
PROPERTY_MAX_AGE
Can be set to max. |
static java.lang.String |
PROPERTY_REALM
OAuth realm. |
Constructor Summary | |
---|---|
OAuthServerFilter(ResourceConfig rc,
OAuthProvider provider)
|
Method Summary | |
---|---|
ContainerRequest |
filter(ContainerRequest request)
|
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static final java.lang.String PROPERTY_REALM
public static final java.lang.String PROPERTY_IGNORE_PATH_PATTERN
public static final java.lang.String PROPERTY_MAX_AGE
public static final java.lang.String PROPERTY_GC_PERIOD
public static final java.lang.String FEATURE_NO_FAIL
Response.Status#BAD_REQUEST
or Response.Status#UNAUTHORIZED
) the filter
will ignore this request (as if it was not authenticated) and let the web application deal with it.
Constructor Detail |
---|
public OAuthServerFilter(@Context ResourceConfig rc, @Context OAuthProvider provider)
Method Detail |
---|
public ContainerRequest filter(ContainerRequest request)
filter
in interface ContainerRequestFilter
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |