2 * Copyright © 2016-2017 European Support Limited
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
17 package org.openecomp.server.filters;
19 import javax.servlet.Filter;
20 import javax.servlet.FilterChain;
21 import javax.servlet.FilterConfig;
22 import javax.servlet.ServletException;
23 import javax.servlet.ServletRequest;
24 import javax.servlet.ServletResponse;
25 import javax.servlet.http.HttpServletRequest;
26 import javax.servlet.http.HttpServletResponse;
27 import java.io.IOException;
29 public class ActionAuthorizationFilter implements Filter {
33 public void destroy() {
34 //destroy() is not implemented for ActionAuthorizationFilter
39 public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,
40 FilterChain filterChain)
41 throws IOException, ServletException {
43 HttpServletRequest httpRequest = (HttpServletRequest) servletRequest;
44 if (httpRequest.isUserInRole(httpRequest.getMethod().toUpperCase())) {
45 filterChain.doFilter(servletRequest, servletResponse);
47 setResponseStatus((HttpServletResponse) servletResponse, HttpServletResponse.SC_FORBIDDEN);
51 private void setResponseStatus(HttpServletResponse response, int status) {
52 response.setStatus(status);
56 public void init(FilterConfig arg0) throws ServletException {
57 //init() is not implemented for ActionAuthorizationFilter
Code Review / sdc.git / blob