Class PathFilterRule
java.lang.Object
org.camunda.bpm.webapp.impl.security.filter.PathFilterRule
- All Implemented Interfaces:
SecurityFilterRule
A SecurityFilterRule that deleagates to a set of PathMatchers
How this thing works:
- A path that is not listed in
deniedPathsis always granted anonymous access (even if the user is authenticated for a process engine). - A path that is listed in
deniedPathsis then also checked againstallowedPaths. - A path that is listed in
allowedPathsis checked by the correspondingRequestAuthorizerthat can decide to grant/deny (identified or anonymous) access. - A path that is not listed in
allowedPathsis always granted anonymous access (viaFilterRules.authorize(String, String, List))
- Author:
- Daniel Meyer, nico.rehwaldt
-
Field Summary
Fields -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionAuthorize the given request and return aAuthorizationas a result.
-
Field Details
-
allowedPaths
-
deniedPaths
-
-
Constructor Details
-
PathFilterRule
public PathFilterRule()
-
-
Method Details
-
authorize
Description copied from interface:SecurityFilterRuleAuthorize the given request and return aAuthorizationas a result. May returnnullif the request could not be authorized.- Specified by:
authorizein interfaceSecurityFilterRule- Returns:
- the authorization for the given request or
nullif the authorization for the request could not be checked
-
getAllowedPaths
-
getDeniedPaths
-