org.jboss.security.plugins.authorization
Class JBossAuthorizationContext

java.lang.Object
  extended by org.jboss.security.authorization.AuthorizationContext
      extended by org.jboss.security.plugins.authorization.JBossAuthorizationContext

public class JBossAuthorizationContext
extends org.jboss.security.authorization.AuthorizationContext

JBAS-3374: Authorization Framework for Policy Decision Modules For information on the behavior of the Authorization Modules, For Authorization Modules behavior(Required, Requisite, Sufficient and Optional) please refer to the javadoc for @see javax.security.auth.login.Configuration The AuthorizationContext derives the AuthorizationInfo(configuration for the modules) in the following way: a) If there has been an injection of ApplicationPolicy, then it will be used. b) Util.getApplicationPolicy will be used(which relies on SecurityConfiguration static class). c) Flag an error that there is no available Application Policy

Since:
Jun 11, 2006
Version:
$Revision: 62954 $
Author:
Anil Saldhana

Field Summary
 
Fields inherited from class org.jboss.security.authorization.AuthorizationContext
callbackHandler, controlFlags, DENY, modules, PERMIT, securityDomainName, sharedState
 
Constructor Summary
JBossAuthorizationContext(String name)
           
JBossAuthorizationContext(String name, CallbackHandler handler)
           
JBossAuthorizationContext(String name, Subject subject, CallbackHandler handler)
           
 
Method Summary
 int authorize(org.jboss.security.authorization.Resource resource)
          Authorize the Resource
 int authorize(org.jboss.security.authorization.Resource resource, Subject subject, org.jboss.security.identity.RoleGroup callerRoles)
           
 void setApplicationPolicy(ApplicationPolicy aPolicy)
          Inject an ApplicationPolicy that contains AuthorizationInfo
 
Methods inherited from class org.jboss.security.authorization.AuthorizationContext
getSecurityDomain
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

JBossAuthorizationContext

public JBossAuthorizationContext(String name)

JBossAuthorizationContext

public JBossAuthorizationContext(String name,
                                 CallbackHandler handler)

JBossAuthorizationContext

public JBossAuthorizationContext(String name,
                                 Subject subject,
                                 CallbackHandler handler)
Method Detail

setApplicationPolicy

public void setApplicationPolicy(ApplicationPolicy aPolicy)
Inject an ApplicationPolicy that contains AuthorizationInfo

Parameters:
aPolicy -
Throws:
IllegalArgumentException - if ApplicationPolicy is null or does not contain AuthorizationInfo or domain name does not match

authorize

public int authorize(org.jboss.security.authorization.Resource resource)
              throws org.jboss.security.authorization.AuthorizationException
Authorize the Resource

Specified by:
authorize in class org.jboss.security.authorization.AuthorizationContext
Parameters:
resource -
Returns:
AuthorizationContext.PERMIT or AuthorizationContext.DENY
Throws:
org.jboss.security.authorization.AuthorizationException

authorize

public int authorize(org.jboss.security.authorization.Resource resource,
                     Subject subject,
                     org.jboss.security.identity.RoleGroup callerRoles)
              throws org.jboss.security.authorization.AuthorizationException
Specified by:
authorize in class org.jboss.security.authorization.AuthorizationContext
Throws:
org.jboss.security.authorization.AuthorizationException
See Also:
AuthorizationContext#authorize(Resource, Role)


Copyright © 2009 JBoss Inc.. All Rights Reserved.