org.jboss.security.authorization.modules

Class AbstractAuthorizationModule

java.lang.Object

org.jboss.security.authorization.modules.AbstractAuthorizationModule

All Implemented Interfaces:

AuthorizationModule

Direct Known Subclasses:

AllDenyAuthorizationModule, AllPermitAuthorizationModule, DelegatingAuthorizationModule, JACCAuthorizationModule, WebAuthorizationModule, XACMLAuthorizationModule

public abstract class AbstractAuthorizationModule
extends Object
implements AuthorizationModule

Abstraction of Authorization Module

Since:

Jun 14, 2006

Version:

$Revision$

Author:

Anil Saldhana

Field Summary

Fields

Modifier and Type	Field and Description
protected static Map<String,Class<?>>	clazzMap A map that is available to reduce the loadClass synchronization
protected Map<ResourceType,String>	delegateMap Map of delegates for the various layers
protected CallbackHandler	handler
protected Map<String,Object>	options
protected RoleGroup	role
protected Map<String,Object>	sharedState
protected Subject	subject

Constructor Summary

Constructors

Constructor and Description
AbstractAuthorizationModule()

Method Summary

Modifier and Type	Method and Description
boolean	abort() Abort the Authorization Process
abstract int	authorize(Resource resource) Authorize the resource
boolean	commit() Overall authorization process has succeeded.
boolean	destroy() A final cleanup opportunity offered
protected AuthorizationModuleDelegate	getDelegate(String delegateStr) Load the delegate
void	initialize(Subject subject, CallbackHandler handler, Map<String,Object> sharedState, Map<String,Object> options, RoleGroup subjectRole) Initialize the module
protected int	invokeDelegate(Resource resource) Subclasses can use this method to leave the authorization decision to the delegate configured
protected void	populateDelegateMap(String commaSeparatedDelegates) Options may have a comma separated delegate map
String	toString() Override to print more details

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

subject

protected Subject subject

handler

protected CallbackHandler handler

sharedState

protected Map<String,Object> sharedState

options

protected Map<String,Object> options

role

protected RoleGroup role

delegateMap

protected Map<ResourceType,String> delegateMap

Map of delegates for the various layers

clazzMap

protected static Map<String,Class<?>> clazzMap

A map that is available to reduce the loadClass synchronization

Constructor Detail

AbstractAuthorizationModule

public AbstractAuthorizationModule()

Method Detail

authorize

public abstract int authorize(Resource resource)

Description copied from interface: AuthorizationModule

Authorize the resource

Specified by:

authorize in interface AuthorizationModule

Returns:

AuthorizationContext.PERMIT or AuthorizationContext.DENY

See Also:

AuthorizationModule.authorize(Resource)

abort

public boolean abort()
              throws AuthorizationException

Description copied from interface: AuthorizationModule

Abort the Authorization Process

Specified by:

abort in interface AuthorizationModule

Returns:

true - abort passed, false-otherwise

Throws:

AuthorizationException

See Also:

AuthorizationModule.abort()

commit

public boolean commit()
               throws AuthorizationException

Description copied from interface: AuthorizationModule

Overall authorization process has succeeded. The module can commit any decisions it has made, with third party systems like a database.

Specified by:

commit in interface AuthorizationModule

Returns:

Throws:

AuthorizationException

See Also:

AuthorizationModule.commit()

destroy

public boolean destroy()

Description copied from interface: AuthorizationModule

A final cleanup opportunity offered

Specified by:

destroy in interface AuthorizationModule

Returns:

cleanup by the module passed or not

See Also:

AuthorizationModule.destroy()

initialize

public void initialize(Subject subject,
                       CallbackHandler handler,
                       Map<String,Object> sharedState,
                       Map<String,Object> options,
                       RoleGroup subjectRole)

Description copied from interface: AuthorizationModule

Initialize the module

Specified by:

initialize in interface AuthorizationModule

Parameters:

subject - the authenticated subject

handler - CallbackHandler

sharedState - state shared with other configured modules

options - options specified in the Configuration for this particular module

subjectRole - Roles of the subject

See Also:

AuthorizationModule.initialize(javax.security.auth.Subject, javax.security.auth.callback.CallbackHandler, java.util.Map, java.util.Map, org.jboss.security.identity.RoleGroup)

toString

public String toString()

Override to print more details

Overrides:

toString in class Object

invokeDelegate

protected int invokeDelegate(Resource resource)

Subclasses can use this method to leave the authorization decision to the delegate configured

getDelegate

protected AuthorizationModuleDelegate getDelegate(String delegateStr)
                                           throws Exception

Load the delegate

Parameters:

delegateStr - FQN of the delegate

Returns:

Delegate Instance

Throws:

Exception

populateDelegateMap

protected void populateDelegateMap(String commaSeparatedDelegates)

Options may have a comma separated delegate map

Parameters:

commaSeparatedDelegates -