public interface ACLProvider
An ACLProvider
is responsible for the management of the ACLs associated to the
resources being protected. Implementations of this interface will typically interact with some
sort of repository, where the ACLs are stored.
Modifier and Type | Method and Description |
---|---|
<T> Set<T> |
getEntitlements(Class<T> clazz,
Resource resource,
Identity identity)
For a given Resource and an Identity, return all the entitlements
Eg: A portal page can consist of say 10 components such as windows, subpages
etc.
|
ACLPersistenceStrategy |
getPersistenceStrategy()
Obtains the
ACLPersistenceStrategy associated with this provider. |
void |
initialize(Map<String,Object> sharedState,
Map<String,Object> options)
Initialize the provider
|
boolean |
isAccessGranted(Resource resource,
Identity identity,
ACLPermission permission)
Checks if the given identity has the permissions needed to access the specified resource.
|
void |
setPersistenceStrategy(ACLPersistenceStrategy strategy)
Sets the persistence strategy to be used by this provider.
|
boolean |
tearDown()
Give an opportunity for the provider to finalize the
operations
|
void initialize(Map<String,Object> sharedState, Map<String,Object> options)
sharedState
- Shared Stateoptions
- Options<T> Set<T> getEntitlements(Class<T> clazz, Resource resource, Identity identity) throws AuthorizationException
For a given Resource and an Identity, return all the entitlements Eg: A portal page can consist of say 10 components such as windows, subpages etc. Now the Portal page can be the resource and for a given identity, the entitlements would be the subset of these 10 components to which the identity has access
T
- resource
- identity
- AuthorizationException
boolean isAccessGranted(Resource resource, Identity identity, ACLPermission permission) throws AuthorizationException
Checks if the given identity has the permissions needed to access the specified resource. This
involves finding the ACL
associated with the resource and consulting the ACL
to
determine if access should be granted or not to the identity.
resource
- the Resource
being accessed.identity
- the Identity
trying to access the resource.permission
- the permissions needed to access the resource.true
if the identity has enough permissions to access the resource; false
otherwise.AuthorizationException
- if no ACL
can be found for the specified resource.ACLPersistenceStrategy getPersistenceStrategy()
Obtains the ACLPersistenceStrategy
associated with this provider.
ACLPersistenceStrategy
used by this provider.void setPersistenceStrategy(ACLPersistenceStrategy strategy)
Sets the persistence strategy to be used by this provider.
strategy
- a reference to the ACLPersistenceStrategy
to be used.boolean tearDown()
Copyright © 2018 JBoss by Red Hat. All rights reserved.