public class UmaResourceServerFilter extends Object implements Filter
UmaResourceServerFilter
implements a PEP (Policy Enforcement Point) and is responsible to ensure the
incoming requests (from requesting parties) all have a valid RPT (Request Party Token) with the required set of
scopes.
{
"type": "UmaFilter",
"config": {
"protectionApiHandler": "HttpsClient",
"umaService": "UmaService"
}
}
Modifier and Type | Class and Description |
---|---|
static class |
UmaResourceServerFilter.Heaplet
Creates and initializes an UMA resource server filter in a heap environment.
|
Constructor and Description |
---|
UmaResourceServerFilter(UmaSharingService umaService,
Handler protectionApiHandler,
String realm)
Constructs a new UmaResourceServerFilter.
|
Modifier and Type | Method and Description |
---|---|
Promise<Response,NeverThrowsException> |
filter(Context context,
Request request,
Handler next)
Filters the request and/or response of an exchange.
|
public UmaResourceServerFilter(UmaSharingService umaService, Handler protectionApiHandler, String realm)
umaService
- core service to useprotectionApiHandler
- protectionApiHandler to use when interacting with introspection and permission request endpointsrealm
- UMA realm name (can be null
)public Promise<Response,NeverThrowsException> filter(Context context, Request request, Handler next)
Filter
next.handle(context, request)
.
This method may elect not to pass the request to the next filter or
handler, and instead handle the request itself. It can achieve this by
merely avoiding a call to next.handle(context, request)
and creating its own response object. The filter is also at liberty to
replace a response with another of its own by intercepting the response
returned by the next handler.
Copyright 2011-2017 ForgeRock AS.