org.jboss.security.javaee

Class AbstractWebAuthorizationHelper

java.lang.Object

org.jboss.security.javaee.AbstractJavaEEHelper

org.jboss.security.javaee.AbstractWebAuthorizationHelper

Direct Known Subclasses:

WebAuthorizationHelper

public abstract class AbstractWebAuthorizationHelper
extends AbstractJavaEEHelper

Abstract Web Authorization Helper

Since:

Apr 17, 2008

Version:

$Revision$

Author:

Anil.Saldhana@redhat.com

Field Summary

Fields

Modifier and Type	Field and Description
protected boolean	enableAudit

Fields inherited from class org.jboss.security.javaee.AbstractJavaEEHelper

policyRegistration, securityContext

Constructor Summary

Constructors

Constructor and Description
AbstractWebAuthorizationHelper()

Method Summary

Modifier and Type	Method and Description
abstract boolean	checkResourcePermission(Map<String,Object> contextMap, ServletRequest request, ServletResponse response, Subject callerSubject, String contextID, String canonicalRequestURI) Validate that the caller has the permission to access a web resource
abstract boolean	checkResourcePermission(Map<String,Object> contextMap, ServletRequest request, ServletResponse response, Subject callerSubject, String contextID, String canonicalRequestURI, List<String> roles) Validate that the caller has the permission to access a web resource
abstract boolean	hasRole(String roleName, Principal principal, String servletName, Set<Principal> principalRoles, String contextID, Subject callerSubject) Validate that the caller has the required role to access a resource
abstract boolean	hasRole(String roleName, Principal principal, String servletName, Set<Principal> principalRoles, String contextID, Subject callerSubject, List<String> roles) Validate that the caller has the required role to access a resource
abstract boolean	hasUserDataPermission(Map<String,Object> contextMap, ServletRequest request, ServletResponse response, String contextID, Subject callerSubject) Validate whether the transport constraints are met by the caller
abstract boolean	hasUserDataPermission(Map<String,Object> contextMap, ServletRequest request, ServletResponse response, String contextID, Subject callerSubject, List<String> roles) Validate whether the transport constraints are met by the caller
boolean	isEnableAudit()
void	setEnableAudit(boolean enableAudit)

Methods inherited from class org.jboss.security.javaee.AbstractJavaEEHelper

audit, authenticationAudit, authorizationAudit, getCallerPrincipal, getContextMap, getPolicyRegistration, getSecurityContext, setPolicyRegistration, setSecurityContext

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

enableAudit

protected boolean enableAudit

Constructor Detail

AbstractWebAuthorizationHelper

public AbstractWebAuthorizationHelper()

Method Detail

isEnableAudit

public boolean isEnableAudit()

setEnableAudit

public void setEnableAudit(boolean enableAudit)

checkResourcePermission

public abstract boolean checkResourcePermission(Map<String,Object> contextMap,
                                                ServletRequest request,
                                                ServletResponse response,
                                                Subject callerSubject,
                                                String contextID,
                                                String canonicalRequestURI)

Validate that the caller has the permission to access a web resource

Parameters:

contextMap -

request -

response -

callerSubject -

contextID -

canonicalRequestURI -

Returns:

true - permitted

Throws:

IllegalArgumentException - request, response, callerSubject, contextID or canonicalRequestURI is null

IllegalStateException - Authorization Manager from Security Context is null

checkResourcePermission

public abstract boolean checkResourcePermission(Map<String,Object> contextMap,
                                                ServletRequest request,
                                                ServletResponse response,
                                                Subject callerSubject,
                                                String contextID,
                                                String canonicalRequestURI,
                                                List<String> roles)

Validate that the caller has the permission to access a web resource

Parameters:

contextMap -

request -

response -

callerSubject -

contextID -

canonicalRequestURI -

roles -

Returns:

true - permitted

Throws:

IllegalArgumentException - request, response, callerSubject, contextID or canonicalRequestURI is null

IllegalStateException - Authorization Manager from Security Context is null

hasRole

public abstract boolean hasRole(String roleName,
                                Principal principal,
                                String servletName,
                                Set<Principal> principalRoles,
                                String contextID,
                                Subject callerSubject)

Validate that the caller has the required role to access a resource

Parameters:

roleName -

principal -

servletName -

principalRoles -

contextID -

callerSubject -

Returns:

Throws:

IllegalArgumentException - roleName, contextID, callerSubject is null

IllegalStateException - Authorization Manager from Security Context is null

hasRole

public abstract boolean hasRole(String roleName,
                                Principal principal,
                                String servletName,
                                Set<Principal> principalRoles,
                                String contextID,
                                Subject callerSubject,
                                List<String> roles)

Validate that the caller has the required role to access a resource

Parameters:

roleName -

principal -

servletName -

principalRoles -

contextID -

callerSubject -

roles -

Returns:

Throws:

IllegalArgumentException - roleName, contextID, callerSubject is null

IllegalStateException - Authorization Manager from Security Context is null

hasUserDataPermission

public abstract boolean hasUserDataPermission(Map<String,Object> contextMap,
                                              ServletRequest request,
                                              ServletResponse response,
                                              String contextID,
                                              Subject callerSubject)

Validate whether the transport constraints are met by the caller

Parameters:

contextMap -

request -

response -

contextID -

callerSubject -

Returns:

Throws:

IllegalArgumentException - request, response, callerSubject or contextID is null

IllegalStateException - Authorization Manager from Security Context is null

hasUserDataPermission

public abstract boolean hasUserDataPermission(Map<String,Object> contextMap,
                                              ServletRequest request,
                                              ServletResponse response,
                                              String contextID,
                                              Subject callerSubject,
                                              List<String> roles)

Validate whether the transport constraints are met by the caller

Parameters:

contextMap -

request -

response -

contextID -

callerSubject -

roles -

Returns:

Throws:

IllegalArgumentException - request, response, callerSubject or contextID is null

IllegalStateException - Authorization Manager from Security Context is null