org.jboss.security.authorization
Class AuthorizationContext
java.lang.Object
org.jboss.security.authorization.AuthorizationContext
public abstract class AuthorizationContext
- extends java.lang.Object
JBAS-3374: Authorization Framework for Policy Decision Modules
For information on the behavior of the Authorization Modules,
For Authorization Modules behavior(Required, Requisite, Sufficient and Optional)
please refer to the javadoc for @see javax.security.auth.login.Configuration
The AuthorizationContext derives the AuthorizationInfo(configuration for the modules)
in the following way:
a) If there has been an injection of ApplicationPolicy, then it will be used.
b) Util.getApplicationPolicy will be used(which relies on SecurityConfiguration static class).
c) Flag an error that there is no available Application Policy
- Since:
- Jun 11, 2006
- Version:
- $Revision: 62954 $
- Author:
- Anil Saldhana
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
securityDomainName
protected java.lang.String securityDomainName
callbackHandler
protected javax.security.auth.callback.CallbackHandler callbackHandler
authenticatedSubject
protected javax.security.auth.Subject authenticatedSubject
sharedState
protected java.util.Map<java.lang.String,java.lang.Object> sharedState
modules
protected java.util.List<AuthorizationModule> modules
controlFlags
protected java.util.List<ControlFlag> controlFlags
- Control Flags for the individual modules
PERMIT
public static final int PERMIT
- See Also:
- Constant Field Values
DENY
public static final int DENY
- See Also:
- Constant Field Values
AuthorizationContext
public AuthorizationContext()
authorize
public abstract int authorize(Resource resource)
throws AuthorizationException
- Authorize the Resource
- Parameters:
resource -
- Returns:
- AuthorizationContext.PERMIT or AuthorizationContext.DENY
- Throws:
AuthorizationException
Copyright © 2007 JBoss Inc.. All Rights Reserved.