AuthorizationPolicy (apiman-gateway-engine-policies 3.1.3.Final API)

java.lang.Object
- io.apiman.gateway.engine.policies.AbstractMappedPolicy<AuthorizationConfig>
- - io.apiman.gateway.engine.policies.AuthorizationPolicy

All Implemented Interfaces:

IPolicy
```
public class AuthorizationPolicy
extends AbstractMappedPolicy<AuthorizationConfig>
```
Adds authorization capabilities to apiman. This policy allows users to specify what roles the authenticated user must have in order to be allowed to call the API. This policy works in conjunction with a compatible Authentication policy, such as the Basic authentication policy. The assumption is that such a policy will extract the roles from the source of identity (either during authentication or as a followup step). These roles will be stored in the policy context for use by this Authorization policy. The roles are represented as a simple set of strings.

Author:

eric.wittmann@redhat.com

Field Summary

Fields
Modifier and Type Field Description

static String AUTHENTICATED_USER_ROLES

Constructor Summary

Constructors
Constructor Description

AuthorizationPolicy()
Constructor.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`protected void`	`doApply(ApiRequest request, IPolicyContext context, AuthorizationConfig config, IPolicyChain<ApiRequest> chain)`	Override this method to interact with or observe the request.
`Class<AuthorizationConfig>`	`getConfigurationClass()`	The class to use for JSON configuration deserialization

Methods inherited from class io.apiman.gateway.engine.policies.AbstractMappedPolicy
apply, apply, doApply, doProcessFailure, parseConfiguration, processFailure

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - AUTHENTICATED_USER_ROLES
```
public static final String AUTHENTICATED_USER_ROLES
```
    See Also:
    
    Constant Field Values
- Constructor Detail
  - AuthorizationPolicy
```
public AuthorizationPolicy()
```
    Constructor.
- Method Detail
  - getConfigurationClass
```
public Class<AuthorizationConfig> getConfigurationClass()
```
    The class to use for JSON configuration deserialization
    
    Specified by:
    
    getConfigurationClass in class AbstractMappedPolicy<AuthorizationConfig>
    
    Returns:
    
    the class
  - doApply
```
protected void doApply(ApiRequest request,
                       IPolicyContext context,
                       AuthorizationConfig config,
                       IPolicyChain<ApiRequest> chain)
```
    Description copied from class: AbstractMappedPolicy
    
    Override this method to interact with or observe the request.
    
    Overrides:
    
    doApply in class AbstractMappedPolicy<AuthorizationConfig>
    
    Parameters:
    
    request - the request
    
    chain - the ordered policy chain
    
    See Also:
    
    AbstractMappedPolicy.doApply(io.apiman.gateway.engine.beans.ApiRequest, io.apiman.gateway.engine.policy.IPolicyContext, java.lang.Object, io.apiman.gateway.engine.policy.IPolicyChain)