AuthorizationManager (JBoss Security Authorization SPI 2.0.2.Beta1 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.jboss.security
Interface AuthorizationManager

All Superinterfaces:: BaseSecurityManager

public interface AuthorizationManager
extends BaseSecurityManager
extends BaseSecurityManager

Generalized Authorization Manager Interface.

Replaces the legacy RealmMapping interface

Since:: Jan 2, 2006
Version:: $Revision: 67358 $
Author:: Anil Saldhana
See Also:: org.jboss.security.RealmMapping

Method Summary
`int`	`authorize(Resource resource)` Authorize a resource
`boolean`	`doesUserHaveRole(java.security.Principal principal, java.util.Set<java.security.Principal> roles)` Validates the application domain roles to which the operational environment Principal belongs.
`EntitlementHolder<?>`	`entitlements(Resource resource, org.jboss.security.identity.Identity identity)` Instance Based Security Get all the entitlements assigned to the components of a Resource
`java.security.acl.Group`	`getTargetRoles(java.security.Principal targetPrincipal, java.util.Map<java.lang.String,java.lang.Object> contextMap)` Trust usecases may have a need to determine the roles of the target principal which has been derived via a principal from another domain by the Authentication Manager An implementation of this interface may have to contact a trust provider for additional information about the principal
`java.util.Set<java.security.Principal>`	`getUserRoles(java.security.Principal principal)` Return the set of domain roles the principal has been assigned.

Methods inherited from interface org.jboss.security.BaseSecurityManager
`getSecurityDomain`

Method Detail

authorize

int authorize(Resource resource)
              throws AuthorizationException

Authorize a resource

Parameters:: resource -
Returns:
Throws:: AuthorizationException

entitlements

EntitlementHolder<?> entitlements(Resource resource,
                                  org.jboss.security.identity.Identity identity)
                                  throws AuthorizationException

Instance Based Security Get all the entitlements assigned to the components of a Resource

Parameters:: resource - A Resource (Can be a Portal Resource, a Rules Resource); identity - The Identity against whom the entitlements need to be generated
Returns:: a Entitlements Wrapper
Throws:: AuthorizationException

doesUserHaveRole

boolean doesUserHaveRole(java.security.Principal principal,
                         java.util.Set<java.security.Principal> roles)

Validates the application domain roles to which the operational environment Principal belongs.

Parameters:: principal - the caller principal as known in the operation environment.; roles - The Set for the application domain roles that the principal is to be validated against.
Returns:: true if the principal has at least one of the roles in the roles set, false otherwise.

getUserRoles

java.util.Set<java.security.Principal> getUserRoles(java.security.Principal principal)

Return the set of domain roles the principal has been assigned.

Returns:: The Set for the application domain roles that the principal has been assigned.

getTargetRoles

java.security.acl.Group getTargetRoles(java.security.Principal targetPrincipal,
                                       java.util.Map<java.lang.String,java.lang.Object> contextMap)

Trust usecases may have a need to determine the roles of the target principal which has been derived via a principal from another domain by the Authentication Manager An implementation of this interface may have to contact a trust provider for additional information about the principal

Parameters:: targetPrincipal - Principal applicable in current domain; contextMap - Read-Only Contextual Information that may be useful for the implementation in determining the roles.
Returns:: roles from the target domain