org.apache.geronimo.security.jacc
Class AbstractModuleConfiguration

java.lang.Object
  extended byorg.apache.geronimo.security.jacc.AbstractModuleConfiguration
All Implemented Interfaces:
org.apache.geronimo.gbean.GBeanLifecycle, ModuleConfiguration
Direct Known Subclasses:
EJBModuleConfiguration, WebModuleConfiguration

public abstract class AbstractModuleConfiguration
extends Object
implements ModuleConfiguration, org.apache.geronimo.gbean.GBeanLifecycle

Version:
$Revision: 1.7 $ $Date: 2004/07/12 06:07:49 $

Field Summary
static String BASE_OBJECT_NAME
           
static org.apache.geronimo.gbean.GBeanInfo GBEAN_INFO
           
 
Constructor Summary
AbstractModuleConfiguration(String contextId)
           
 
Method Summary
 void addRoleMapping(String role, Collection principals)
          Add a mapping from a module's security roles to physical principals.
 void commit()
          This method is used to set to "inService" the state of the policy context whose interface is this PolicyConfiguration Object.
 void delete()
          Causes all policy statements to be deleted from this PolicyConfiguration and sets its internal state such that calling any method, other than delete, getContextID, or inService on the PolicyConfiguration will be rejected and cause an UnsupportedOperationException to be thrown.
 void doFail()
           
 void doStart()
          Implement configuration from supplied metadata (dds) in subclasses.
 void doStop()
           
 String getContextID()
          This method returns this object's policy context identifier.
static org.apache.geronimo.gbean.GBeanInfo getGBeanInfo()
           
protected  javax.security.jacc.PolicyConfiguration getPolicyConfiguration()
          This method returns the policy configuration that this bean is configuring.
 HashSet getRoles()
          This method returns the module's set of roles.
 boolean inService()
          This method is used to determine if the policy context whose interface is this PolicyConfiguration Object is in the "inService" state.
 void linkConfiguration(ModuleConfiguration link)
          Creates a relationship between this configuration and another such that they share the same principal-to-role mappings.
protected  void setConfigured(boolean configured)
          Used to notify the abstract base class that the concrete implementation has completed adding all the role names.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

BASE_OBJECT_NAME

public static final String BASE_OBJECT_NAME
See Also:
Constant Field Values

GBEAN_INFO

public static final org.apache.geronimo.gbean.GBeanInfo GBEAN_INFO
Constructor Detail

AbstractModuleConfiguration

public AbstractModuleConfiguration(String contextId)
                            throws GeronimoSecurityException
Method Detail

doStart

public void doStart()
Implement configuration from supplied metadata (dds) in subclasses.

Specified by:
doStart in interface org.apache.geronimo.gbean.GBeanLifecycle

doStop

public void doStop()
Specified by:
doStop in interface org.apache.geronimo.gbean.GBeanLifecycle

doFail

public void doFail()
Specified by:
doFail in interface org.apache.geronimo.gbean.GBeanLifecycle

getContextID

public String getContextID()
This method returns this object's policy context identifier.

Specified by:
getContextID in interface ModuleConfiguration
Returns:
this module's policy context identifier.

setConfigured

protected void setConfigured(boolean configured)
Used to notify the abstract base class that the concrete implementation has completed adding all the role names.

Parameters:
configured - the state of the configuration

getPolicyConfiguration

protected javax.security.jacc.PolicyConfiguration getPolicyConfiguration()
This method returns the policy configuration that this bean is configuring.

Returns:
this object's policy configuration, PolicyConfiguration.

getRoles

public HashSet getRoles()
This method returns the module's set of roles.

Specified by:
getRoles in interface ModuleConfiguration
Returns:
the set of roles that are being used for this module.

addRoleMapping

public void addRoleMapping(String role,
                           Collection principals)
                    throws GeronimoSecurityException
Add a mapping from a module's security roles to physical principals. Mapping principals to the same role twice will cause a PolicyContextException to be thrown.

Specified by:
addRoleMapping in interface ModuleConfiguration
Parameters:
role - The role that is to be mapped to a set of principals.
principals - The set of principals that are to be mapped to to role.
Throws:
GeronimoSecurityException - if the mapping principals to the same role twice occurs.

linkConfiguration

public void linkConfiguration(ModuleConfiguration link)
                       throws GeronimoSecurityException

Creates a relationship between this configuration and another such that they share the same principal-to-role mappings. PolicyConfigurations are linked to apply a common principal-to-role mapping to multiple seperately manageable PolicyConfigurations, as is required when an application is composed of multiple modules.

Note that the policy statements which comprise a role, or comprise the excluded or unchecked policy collections in a PolicyConfiguration are unaffected by the configuration being linked to another.

Specified by:
linkConfiguration in interface ModuleConfiguration
Parameters:
link - a reference to a different PolicyConfiguration than this PolicyConfiguration.

The relationship formed by this method is symetric, transitive and idempotent. If the argument PolicyConfiguration does not have a different Policy context identifier than this PolicyConfiguration no relationship is formed, and an exception, as described below, is thrown.

Throws:
SecurityException - if called by an AccessControlContext that has not been granted the "setPolicy" SecurityPermission.
UnsupportedOperationException - if the state of the policy context whose interface is this EjbModuleConfigurationMBean Object is "deleted" or "inService" when this method is called.
IllegalArgumentException - if called with an argument EjbModuleConfigurationMBean whose Policy context is equivalent to that of this EjbModuleConfigurationMBean.
GeronimoSecurityException - if the implementation throws a checked exception that has not been accounted for by the linkConfiguration method signature. The exception thrown by the implementation class will be encapsulated (during construction) in the thrown GeronimoSecurityException.

delete

public void delete()
            throws GeronimoSecurityException

Causes all policy statements to be deleted from this PolicyConfiguration and sets its internal state such that calling any method, other than delete, getContextID, or inService on the PolicyConfiguration will be rejected and cause an UnsupportedOperationException to be thrown.

This operation has no affect on any linked PolicyConfigurations other than removing any links involving the deleted PolicyConfiguration.

Specified by:
delete in interface ModuleConfiguration
Throws:
SecurityException - if called by an AccessControlContext that has not been granted the "setPolicy" SecurityPermission.
GeronimoSecurityException - if the implementation throws a checked exception that has not been accounted for by the delete method signature. The exception thrown by the implementation class will be encapsulated (during construction) in the thrown GeronimoSecurityException.

commit

public void commit()
            throws GeronimoSecurityException

This method is used to set to "inService" the state of the policy context whose interface is this PolicyConfiguration Object. Only those policy contexts whose state is "inService" will be included in the policy contexts processed by the Policy.refresh method. A policy context whose state is "inService" may be returned to the "open" state by calling the getPolicyConfiguration method of the PolicyConfiguration factory with the policy context identifier of the policy context.

When the state of a policy context is "inService", calling any method other than commit, delete, getContextID, or inService on its PolicyConfiguration Object will cause an UnsupportedOperationException to be thrown.

Specified by:
commit in interface ModuleConfiguration
Throws:
SecurityException - if called by an AccessControlContext that has not been granted the "setPolicy" SecurityPermission.
UnsupportedOperationException - if the state of the policy context whose interface is this PolicyConfiguration Object is "deleted" when this method is called.
GeronimoSecurityException - if the implementation throws a checked exception that has not been accounted for by the commit method signature. The exception thrown by the implementation class will be encapsulated (during construction) in the thrown GeronimoSecurityException.

inService

public boolean inService()
                  throws GeronimoSecurityException
This method is used to determine if the policy context whose interface is this PolicyConfiguration Object is in the "inService" state.

Specified by:
inService in interface ModuleConfiguration
Returns:
true if the state of the associated policy context is "inService"; false otherwise.
Throws:
SecurityException - if called by an AccessControlContext that has not been granted the "setPolicy" SecurityPermission.
GeronimoSecurityException - if the implementation throws a checked exception that has not been accounted for by the inService method signature. The exception thrown by the implementation class will be encapsulated (during construction) in the thrown GeronimoSecurityException.

getGBeanInfo

public static org.apache.geronimo.gbean.GBeanInfo getGBeanInfo()


Copyright © 2003-2005 Apache Software Foundation. All Rights Reserved.