|
|||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
Method Summary | |
void |
addRoleMapping(String role,
Collection principals)
Add a mapping from a module's security roles to physical principals. |
void |
commit()
This method is used to set to "inService" the state of the policy context whose interface is this PolicyConfiguration Object. |
void |
delete()
Causes all policy statements to be deleted from this PolicyConfiguration and sets its internal
state such that calling any method, other than delete , getContextID , or
inService on the PolicyConfiguration will be rejected and cause an
UnsupportedOperationException to be thrown. |
String |
getContextID()
This method returns this modules's policy context identifier. |
HashSet |
getRoles()
This method returns the module's set of roles. |
boolean |
inService()
This method is used to determine if the policy context whose interface is this PolicyConfiguration
Object is in the "inService" state. |
void |
linkConfiguration(ModuleConfiguration link)
Creates a relationship between this configuration and another such that they share the same principal-to-role mappings. |
Method Detail |
public String getContextID()
public HashSet getRoles()
public void addRoleMapping(String role, Collection principals) throws GeronimoSecurityException
PolicyContextException
to be thrown.
role
- The role that is to be mapped to a set of principals.principals
- The set of principals that are to be mapped to to role.
GeronimoSecurityException
- if the mapping principals to the same role twice occurs.public void linkConfiguration(ModuleConfiguration link) throws GeronimoSecurityException
Creates a relationship between this configuration and another such that they share the same principal-to-role
mappings. PolicyConfigurations
are linked to apply a common principal-to-role mapping to multiple
seperately manageable PolicyConfigurations
, as is required when an application is composed of
multiple modules.
Note that the policy statements which comprise a role, or comprise the excluded or unchecked policy
collections in a PolicyConfiguration
are unaffected by the configuration being linked to
another.
link
- a reference to a different PolicyConfiguration than this PolicyConfiguration
.
The relationship formed by this method is symetric, transitive and idempotent. If the argument
PolicyConfiguration
does not have a different Policy context identifier than this
PolicyConfiguration
no relationship is formed, and an exception, as described below, is thrown.
SecurityException
- if called by an AccessControlContext
that has not been granted
the "setPolicy" SecurityPermission
.
UnsupportedOperationException
- if the state of the policy context whose interface is this
EjbModuleConfigurationMBean
Object is "deleted" or "inService" when this method is called.
IllegalArgumentException
- if called with an argument EjbModuleConfigurationMBean
whose Policy context is equivalent to that of this EjbModuleConfigurationMBean
.
GeronimoSecurityException
- if the implementation throws a checked exception that has not been accounted for by
the linkConfiguration method signature. The exception thrown by the implementation class will be encapsulated
(during construction) in the thrown GeronimoSecurityException
.public void delete() throws GeronimoSecurityException
Causes all policy statements to be deleted from this PolicyConfiguration
and sets its internal
state such that calling any method, other than delete
, getContextID
, or
inService
on the PolicyConfiguration
will be rejected and cause an
UnsupportedOperationException
to be thrown.
This operation has no affect on any linked PolicyConfigurations
other than removing any links
involving the deleted PolicyConfiguration
.
SecurityException
- if called by an AccessControlContext
that has not been granted
the "setPolicy" SecurityPermission
.
GeronimoSecurityException
- if the implementation throws a checked exception that has not been accounted for by
the delete method signature. The exception thrown by the implementation class will be encapsulated (during
construction) in the thrown GeronimoSecurityException
.public void commit() throws GeronimoSecurityException
This method is used to set to "inService" the state of the policy context whose interface is this
PolicyConfiguration
Object. Only those policy contexts whose state is "inService" will be included
in the policy contexts processed by the Policy.refresh
method. A policy context whose state is
"inService" may be returned to the "open" state by calling the getPolicyConfiguration
method of the
PolicyConfiguration
factory with the policy context identifier of the policy context.
When the state of a policy context is "inService", calling any method other than commit
,
delete
, getContextID
, or inService
on its PolicyConfiguration
Object will cause an UnsupportedOperationException
to be thrown.
SecurityException
- if called by an AccessControlContext
that has not been granted
the "setPolicy" SecurityPermission
.
UnsupportedOperationException
- if the state of the policy context whose interface is this
PolicyConfiguration
Object is "deleted" when this method is called.
GeronimoSecurityException
- if the implementation throws a checked exception that has not been accounted for by
the commit method signature. The exception thrown by the implementation class will be encapsulated (during
construction) in the thrown GeronimoSecurityException
.public boolean inService() throws GeronimoSecurityException
PolicyConfiguration
Object is in the "inService" state.
true
if the state of the associated policy context is "inService"; false
otherwise.
SecurityException
- if called by an AccessControlContext
that has not been granted
the "setPolicy" SecurityPermission
.
GeronimoSecurityException
- if the implementation throws a checked exception that has not been accounted for by the
inService
method signature. The exception thrown by the implementation class will be encapsulated
(during construction) in the thrown GeronimoSecurityException
.
|
|||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |