Package com.orchestranetworks.rest.security

Class AuthorizationOutcome

java.lang.Object

com.orchestranetworks.rest.security.AuthorizationOutcome

public final class AuthorizationOutcome
extends Object

Defines the authorization for whether or not a user can access a REST resource.

The possible states are:

• authorized – the user has access to the REST resource.
• forbidden – the user does not have access to the REST resource. An access denied error response will be returned with, optionally, a message.

Since:

5.9.0

Method Summary

Modifier and Type	Method	Description
static AuthorizationOutcome	createForbidden(UserMessage anUserMessage)	Creates a "forbidden" outcome with a localized message.
static AuthorizationOutcome	createForbidden(String aMessage)	Creates a "forbidden" outcome with a message.
static AuthorizationOutcome	getAuthorized()	Factory method that specifies that a user is authorized to access the REST resource.
static AuthorizationOutcome	getForbidden()	Factory method that specifies that a user is forbidden to access the REST resource.
UserMessage	getMessage()	Returns a UserMessage that must be added to the HTTP response in case of forbidden state.
boolean	isAuthorized()	Defines if the REST resource is accessible according to the evaluated AuthorizationRule.
boolean	isForbidden()	Defines if the REST resource is not accessible according to the evaluated AuthorizationRule.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details

getAuthorized

public static AuthorizationOutcome getAuthorized()

Factory method that specifies that a user is authorized to access the REST resource.

No specific authorization message is returned to the client.

getForbidden

public static AuthorizationOutcome getForbidden()

Factory method that specifies that a user is forbidden to access the REST resource.

No specific message is returned to the client.

createForbidden

public static AuthorizationOutcome createForbidden(UserMessage anUserMessage)

Creates a "forbidden" outcome with a localized message.

Parameters:

anUserMessage - specifies the localized message that will be returned to the client

See Also:

• getForbidden()
• SessionContext.getLocale()

createForbidden

public static AuthorizationOutcome createForbidden(String aMessage)

Creates a "forbidden" outcome with a message.

Parameters:

aMessage - specifies the message that will be returned to the client

See Also:

• getForbidden()

isAuthorized

public boolean isAuthorized()

Defines if the REST resource is accessible according to the evaluated AuthorizationRule.

Returns:

true if the REST resource is considered accessible, false otherwise

isForbidden

public boolean isForbidden()

Defines if the REST resource is not accessible according to the evaluated AuthorizationRule.

Returns:

true if the REST resource is considered not accessible, false otherwise

getMessage

public UserMessage getMessage()

Returns a UserMessage that must be added to the HTTP response in case of forbidden state.

Returns:

the message.