Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.jboss.security.authorization
Class AuthorizationContext

java.lang.Object
  extended by org.jboss.security.authorization.AuthorizationContext

public abstract class AuthorizationContext
extends java.lang.Object

JBAS-3374: Authorization Framework for Policy Decision Modules For information on the behavior of the Authorization Modules, For Authorization Modules behavior(Required, Requisite, Sufficient and Optional) please refer to the javadoc for @see javax.security.auth.login.Configuration The AuthorizationContext derives the AuthorizationInfo(configuration for the modules) in the following way: a) If there has been an injection of ApplicationPolicy, then it will be used. b) Util.getApplicationPolicy will be used(which relies on SecurityConfiguration static class). c) Flag an error that there is no available Application Policy

Since:
Jun 11, 2006
Version:
$Revision: 62954 $
Author:
Anil Saldhana

Field Summary
protected  javax.security.auth.callback.CallbackHandler callbackHandler
           
protected  java.util.List<ControlFlag> controlFlags
          Control Flags for the individual modules
static int DENY
           
protected  java.util.List<AuthorizationModule> modules
          Roles of the Subject
static int PERMIT
           
protected  java.lang.String securityDomainName
           
protected  java.util.Map<java.lang.String,java.lang.Object> sharedState
           
 
Constructor Summary
AuthorizationContext()
           
 
Method Summary
abstract  int authorize(Resource resource)
          Authorize the Resource
abstract  int authorize(Resource resource, javax.security.auth.Subject subject, org.jboss.security.identity.RoleGroup roles)
          Authorize the resource
 java.lang.String getSecurityDomain()
          Return the Security Domain Name
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

securityDomainName

protected java.lang.String securityDomainName

callbackHandler

protected javax.security.auth.callback.CallbackHandler callbackHandler

sharedState

protected java.util.Map<java.lang.String,java.lang.Object> sharedState

modules

protected java.util.List<AuthorizationModule> modules
Roles of the Subject

controlFlags

protected java.util.List<ControlFlag> controlFlags
Control Flags for the individual modules

PERMIT

public static final int PERMIT
See Also:
Constant Field Values

DENY

public static final int DENY
See Also:
Constant Field Values
Constructor Detail

AuthorizationContext

public AuthorizationContext()
Method Detail

authorize

public abstract int authorize(Resource resource)
                       throws AuthorizationException
Authorize the Resource

Parameters:
resource -
Returns:
AuthorizationContext.PERMIT or AuthorizationContext.DENY
Throws:
AuthorizationException

authorize

public abstract int authorize(Resource resource,
                              javax.security.auth.Subject subject,
                              org.jboss.security.identity.RoleGroup roles)
                       throws AuthorizationException
Authorize the resource

Parameters:
resource -
subject - Subject of the caller
roles - Roles of the caller
Returns:
Throws:
AuthorizationException

getSecurityDomain

public java.lang.String getSecurityDomain()
Return the Security Domain Name

Returns:
security domain
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2008 JBoss Inc.. All Rights Reserved.