org.edg.security.authorization
Class AuthorizationFilter

java.lang.Object
  |
  +--org.edg.security.authorization.AuthorizationFilter
All Implemented Interfaces:
javax.servlet.Filter

public final class AuthorizationFilter
extends java.lang.Object
implements javax.servlet.Filter

This class implements javax.servlet.Filter and it's purpose is to inspect X509 distinguished names of the clients and attach database connections to the servlet request on the fly after comparing DNs with the data stored in a relational database.

Version:
$Id: AuthorizationFilter.java,v 1.19 2003/10/23 15:27:52 gianluca Exp $
Author:
Niklas Karlsson HIP, Ville Nenonen HIP Gian Luca Volpato SRC

Constructor Summary
AuthorizationFilter()
           
 
Method Summary
 void destroy()
          Deallocates stuff.
 void doFilter(javax.servlet.ServletRequest req, javax.servlet.ServletResponse res, javax.servlet.FilterChain fchain)
          Filters the ServletRequest and adds some db information like db connection string into the request via a specific RequestWrapper class.
 void init(javax.servlet.FilterConfig filtercfg)
          Initializes the filter, loads configuration parameters, creates an instance of the AuthorizationManager.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AuthorizationFilter

public AuthorizationFilter()
Method Detail

init

public void init(javax.servlet.FilterConfig filtercfg)
          throws javax.servlet.ServletException
Initializes the filter, loads configuration parameters, creates an instance of the AuthorizationManager.

Specified by:
init in interface javax.servlet.Filter
Parameters:
filtercfg - A configuration object used to pass information to the filter
Throws:
javax.servlet.ServletException - In case of an error

doFilter

public void doFilter(javax.servlet.ServletRequest req,
                     javax.servlet.ServletResponse res,
                     javax.servlet.FilterChain fchain)
              throws java.io.IOException,
                     javax.servlet.ServletException
Filters the ServletRequest and adds some db information like db connection string into the request via a specific RequestWrapper class. If the servlet request was made using HTTP (unsecure) just send it through the filter without further processing.

Specified by:
doFilter in interface javax.servlet.Filter
Parameters:
req - The ServletRequest to be filtered
res - The ServletResponse
fchain - The Filterchain defined in the app's web.xml file
java.io.IOException
javax.servlet.ServletException

destroy

public void destroy()
Deallocates stuff.

Specified by:
destroy in interface javax.servlet.Filter