Package org.flowable.common.rest.filter

Interface RestAuthenticator

  • public interface RestAuthenticator
    Allows enabling/disabling authentication on specific requests and allows authorisation of request after successful authentication.
    Author:
    Frederik Heremans

    • Method Summary

      All Methods Instance Methods Abstract Methods 
      Modifier and Type Method Description
      boolean isRequestAuthorized​(javax.servlet.http.HttpServletRequest request)
      Called after a user is successfully authenticated against the Flowable identity-management.
      boolean requestRequiresAuthentication​(javax.servlet.http.HttpServletRequest request)
      Called before check is done to see if the request originates from a valid user.

    • Method Detail

      • requestRequiresAuthentication

        boolean requestRequiresAuthentication​(javax.servlet.http.HttpServletRequest request)
        Called before check is done to see if the request originates from a valid user. Allows disabling authentication and authorisation for certain requests.
        Returns:
        true, if the request requires a valid and authorised user. Return false, if the request can be executed without authentication or authorisation. If false is returned, the isRequestAuthorized(HttpServletRequest) won't be called for this request.

      • isRequestAuthorized

        boolean isRequestAuthorized​(javax.servlet.http.HttpServletRequest request)
        Called after a user is successfully authenticated against the Flowable identity-management. The logged in user can be retrieved from the request's clientInfo object.
        Returns:
        true, if the user is authorised to perform the request. Return false, if the request is not authorised for the given user.