Returns true if the user is authorized for the resource.
isAuthorized must provide the response if the user is not
authorized. Typically this will just call sendError.
isAuthorized will be called after all the other filters, but
before the servlet.service().
Parameters: request - the servlet request Parameters: response - the servlet response true if the request is authorized. |