org.jboss.security.acl
Interface ACL


public interface ACL

This interface represents an Access Control List (ACL), a data structure used to protect access to resources. It is composed of entries, where each entry is represented by the ALCEntry class and represents the permissions assigned to a given identity.

When a client attempts to perform an operation on a resource, the ACL associated to the resource is used to verify if the client has enough permissions to perform that operation. In order to do that, the ACLEntry corresponding to the client's identity is retrieved and then the permission set contained in the entry is verified to decide if access should be granted or not.

Author:
Stefan Guilhen

Method Summary
 boolean addEntry(ACLEntry entry)
           Adds an entry to this ACL.
 Collection<? extends ACLEntry> getEntries()
           Obtains the collection of all ACLEntries in this ACL.
 ACLEntry getEntry(Identity identity)
           Obtains the entry that corresponds to the specified identity.
 ACLEntry getEntry(String identityOrRole)
           Obtains the entry that corresponds to the specified identity or role name.
 Resource getResource()
           Obtains a reference to the resource being protected by this ACL.
 boolean isGranted(ACLPermission permission, Identity identity)
           Verify if the given permission is assigned to the specified Identity.
 boolean removeEntry(ACLEntry entry)
           Removes an entry from this ACL.
 

Method Detail

addEntry

boolean addEntry(ACLEntry entry)

Adds an entry to this ACL. If the ACL already has an ACLEntry associated to the new entry's identity, then the new entry will not be added.

Parameters:
entry - the ACLEntry to be added.
Returns:
true if the entry was added; false otherwise.

removeEntry

boolean removeEntry(ACLEntry entry)

Removes an entry from this ACL.

Parameters:
entry - the ACLEntry to be removed.
Returns:
true if the entry is removed; false if the entry can't be found in the ACL.

getEntries

Collection<? extends ACLEntry> getEntries()

Obtains the collection of all ACLEntries in this ACL.

Returns:
a Collection containing all entries in this ACL.

getEntry

ACLEntry getEntry(Identity identity)

Obtains the entry that corresponds to the specified identity. Calling this method is the same as doing getEntry(identity.getName()).

Parameters:
identity - a reference to the Identity object.
Returns:
the ACLEntry that corresponds to the identity, or null if no entry could be found.

getEntry

ACLEntry getEntry(String identityOrRole)

Obtains the entry that corresponds to the specified identity or role name.

Parameters:
identityOrRole - a String representing an identity or role.
Returns:
the ACLEntry that corresponds to the identity or role or null if no entry could be found.

getResource

Resource getResource()

Obtains a reference to the resource being protected by this ACL.

Returns:
a reference to the Resource.

isGranted

boolean isGranted(ACLPermission permission,
                  Identity identity)

Verify if the given permission is assigned to the specified Identity.

Parameters:
permission - the ACLPermission to be checked for.
identity - the Identity being verified.
Returns:
true if the specified permission is assigned to the identity; false otherwise.


Copyright © 2009 JBoss Inc.. All Rights Reserved.