2 * Copyright © 2016-2017 European Support Limited
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
17 package org.openecomp.server.filters;
19 import javax.servlet.*;
20 import javax.servlet.http.HttpServletRequest;
21 import javax.servlet.http.HttpServletResponse;
22 import java.io.IOException;
24 public class ActionAuthorizationFilter implements Filter {
28 public void destroy() {
29 //destroy() is not implemented for ActionAuthorizationFilter
34 public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,
35 FilterChain filterChain)
36 throws IOException, ServletException {
38 HttpServletRequest httpRequest = (HttpServletRequest) servletRequest;
39 if (httpRequest.isUserInRole(httpRequest.getMethod().toUpperCase())) {
40 filterChain.doFilter(servletRequest, servletResponse);
42 setResponseStatus((HttpServletResponse) servletResponse, HttpServletResponse.SC_FORBIDDEN);
46 private void setResponseStatus(HttpServletResponse response, int status) {
47 response.setStatus(status);
51 public void init(FilterConfig arg0) throws ServletException {
52 //init() is not implemented for ActionAuthorizationFilter