I have a new implementation of picketlink PathAuthorizer (org.picketlink.http.authorization.PathAuthorizer) that check if an url is allowed for the user.
public class BssPathAuthorizer implements PathAuthorizer {
@Inject Identity identity;
@Override
public boolean authorize(PathConfiguration pc, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) {
if( identity != null){
LOG.log(Level.FINE, "Identity loggato: {0}", identity.isLoggedIn());
String uri = request.getRequestURI();
String contextpath = request.getContextPath();
LOG.log(Level.FINE, "URI: {0}, context path: {1}", new Object[]{uri, contextpath});
Method m = findMethod(uri);...
After I get the method by "findMethod()", i'll check some annotations and i return true if the user has permission.
There is a simple way to retrieve from webservice url (for example: .../user/edit) what is the class-method that implement it ( for example UserManager.edit() )?
Aucun commentaire:
Enregistrer un commentaire