public class ParameterFilterInterceptor extends AbstractInterceptor
The way parameters are filtered for the least configuration is that if a string is in the allowed or blocked lists, then any parameter that is a member of the object represented by the parameter is allowed or blocked respectively.
For example, if the parameters are:
<interceptors> ... <interceptor name="parameterFilter" class="com.opensymphony.xwork2.interceptor.ParameterFilterInterceptor"/> ... </interceptors> <action ....> ... <interceptor-ref name="parameterFilter"> <param name="blocked">person,person.address.createDate,personDao</param> </interceptor-ref> ... </action>
Constructor and Description |
---|
ParameterFilterInterceptor() |
Modifier and Type | Method and Description |
---|---|
Collection<String> |
getAllowedCollection() |
Collection<String> |
getBlockedCollection() |
String |
intercept(ActionInvocation invocation)
Override to handle interception
|
boolean |
isDefaultBlock() |
void |
setAllowed(String allowed) |
void |
setAllowedCollection(Collection<String> allowed) |
void |
setBlocked(String blocked) |
void |
setBlockedCollection(Collection<String> blocked) |
void |
setDefaultBlock(boolean defaultExclude) |
destroy, init
public String intercept(ActionInvocation invocation) throws Exception
AbstractInterceptor
intercept
in interface Interceptor
intercept
in class AbstractInterceptor
invocation
- the action invocationActionInvocation.invoke()
, or from the interceptor itself.Exception
- any system-level error, as defined in Action.execute()
.public boolean isDefaultBlock()
public void setDefaultBlock(boolean defaultExclude)
defaultExclude
- The defaultExclude to set.public Collection<String> getBlockedCollection()
public void setBlockedCollection(Collection<String> blocked)
blocked
- The blocked to set.public void setBlocked(String blocked)
blocked
- The blocked paramters as comma separated String.public Collection<String> getAllowedCollection()
public void setAllowedCollection(Collection<String> allowed)
allowed
- The allowed to set.public void setAllowed(String allowed)
allowed
- The allowed paramters as comma separated String.Copyright © 2000-2015 Apache Software Foundation. All Rights Reserved.