com.ibm.portal.impersonation
Interface ImpersonationFilter

All Superinterfaces:

SecurityFilter

public interface ImpersonationFilter
extends SecurityFilter

This interface can be implemented to realize a custom element in the filter chain for the impersonation of a User.

The impersonate method can then be used to add additional logic before or after calling the next impersonation filter chain element by invoking the impersonate method on the ImpersonationFilterChain passed in as the last argument. The order of the impersonation filter elements is defined in the ResourceEnvironmentProvider WP PortletServiceRegistryService using the custom property com.ibm.wps.portletservice.impersonation.impl.ImpersonationServiceImpl.filterchain (multiple impersonation filters are separated by :).

Each impersonation filter is instantiated as a singleton, so the implementor must make sure that the #impersonate(HttpServletRequest, HttpServletResponse, String, FilterChainContext, ImpersonationFilterChain) method is thread-safe. The SecurityFilter.init(SecurityFilterConfig) method is called once during Portal startup and gets the values of all properties of the Portal Authentication Service that start with filterchain.properties.<fully qualified classname of the implementing class> passed in with the SecurityFilterConfig object. The SecurityFilter.destroy() method is called once when Portal is shut down.

NOTE: This API may only be used in the scope of an HTTP request in WebSphere Portal, i.e. within a theme. The API can not be invoked directly by a custom servlet.

Since:

6.1.0.4

Note:

This interface is designed to be implemented by clients.

Method Summary

void	doAfterEndImpersonate(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp, java.lang.String userID, FilterChainContext impersonationContext, ImpersonationFilterChain chain) Can be used to implement custom code for the Portal impersonation This method is called after the user is reverted to the original user
void	doAfterImpersonate(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp, java.lang.String userID, FilterChainContext impersonationContext, ImpersonationFilterChain chain) Can be used to implement custom impersonation code for the Portal impersonation The method is called after impersonation has

Methods inherited from interface com.ibm.portal.security.SecurityFilter

destroy, init

Method Detail

doAfterImpersonate

void doAfterImpersonate(javax.servlet.http.HttpServletRequest req,
                        javax.servlet.http.HttpServletResponse resp,
                        java.lang.String userID,
                        FilterChainContext impersonationContext,
                        ImpersonationFilterChain chain)

Can be used to implement custom impersonation code for the Portal impersonation The method is called after impersonation has

Parameters:

req - The servlet request.

resp - The servlet response. The implementor must not send a redirect on this object, but use the FilterChainContext object passed in as an argument to set a redirect target to be executed after the filter chain has been processed.

userID - The user id of the user impersonated.

impersonationContext - A FilterChainContext object that can be used to share information between the impersonation filter implementations.

chain - The reference to the impersonation filter chain that has to be used to call the impersonate method of the next impersonation filter chain element.

doAfterEndImpersonate

void doAfterEndImpersonate(javax.servlet.http.HttpServletRequest req,
                           javax.servlet.http.HttpServletResponse resp,
                           java.lang.String userID,
                           FilterChainContext impersonationContext,
                           ImpersonationFilterChain chain)

Can be used to implement custom code for the Portal impersonation This method is called after the user is reverted to the original user

Parameters:

req - The servlet request.

resp - The servlet response. The implementor must not send a redirect on this object, but use the FilterChainContext object passed in as an argument to set a redirect target to be executed after the filter chain has been processed.

userID - The user id of the user impersonated.

impersonationContext - A FilterChainContext object that can be used to share information between the impersonation filter implementations.

chain - The reference to the impersonation filter chain that has to be used to call the impersonate method of the next impersonation filter chain element.