Interface I_CmsApiAuthorizationHandler

  • public interface I_CmsApiAuthorizationHandler
    Special authorization handler for APIs using stateless authorization.

    This does *not* handle authorization for normal OpenCms users (editors and website users), but is meant for use in APIs implemented as request handlers or resource init handlers. Authorization is supposed to be stateless, i.e. authorization information is passed with every HTTP request.

    • Method Detail

      • initCmsObject

        CmsObject initCmsObject​(CmsObject adminCms,
                                javax.servlet.http.HttpServletRequest request)
                         throws CmsException
        Authenticates a user from a request and returns a CmsObject initialized with that user.

        If no user can be authenticated from the request, this method returns null.

        adminCms - a CmsObject with root admin privileges
        request - the request
        the CmsObject for the request
        CmsException - if something goes wrong
      • initialize

        void initialize​(CmsObject cms)
        Sets the admin CmsObject used internally by this handler.
        cms - the admin CmsObject to use