org.jboss.security.plugins.authorization

Class JBossAuthorizationContext

java.lang.Object

org.jboss.security.authorization.AuthorizationContext

org.jboss.security.plugins.authorization.JBossAuthorizationContext

public class JBossAuthorizationContext
extends AuthorizationContext

JBAS-3374: Authorization Framework for Policy Decision Modules For information on the behavior of the Authorization Modules, For Authorization Modules behavior(Required, Requisite, Sufficient and Optional) please refer to the javadoc for @see javax.security.auth.login.Configuration The AuthorizationContext derives the AuthorizationInfo(configuration for the modules) in the following way: a) If there has been an injection of ApplicationPolicy, then it will be used. b) Util.getApplicationPolicy will be used(which relies on SecurityConfiguration static class). c) Flag an error that there is no available Application Policy

Since:

Jun 11, 2006

Version:

$Revision: 62954 $

Author:

Anil Saldhana

Field Summary

Fields inherited from class org.jboss.security.authorization.AuthorizationContext

callbackHandler, DENY, PERMIT, securityDomainName, sharedState

Constructor Summary

Constructors

Constructor and Description
JBossAuthorizationContext(String name)
JBossAuthorizationContext(String name, CallbackHandler handler)
JBossAuthorizationContext(String name, Subject subject, CallbackHandler handler)

Method Summary

Modifier and Type	Method and Description
int	authorize(Resource resource) Authorize the Resource
int	authorize(Resource resource, Subject subject, RoleGroup callerRoles) Authorize the resource
void	setApplicationPolicy(ApplicationPolicy appPolicy) Inject an ApplicationPolicy that contains AuthorizationInfo

Methods inherited from class org.jboss.security.authorization.AuthorizationContext

getSecurityDomain

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

JBossAuthorizationContext

public JBossAuthorizationContext(String name)

JBossAuthorizationContext

public JBossAuthorizationContext(String name,
                                 CallbackHandler handler)

JBossAuthorizationContext

public JBossAuthorizationContext(String name,
                                 Subject subject,
                                 CallbackHandler handler)

Method Detail

setApplicationPolicy

public void setApplicationPolicy(ApplicationPolicy appPolicy)

Inject an ApplicationPolicy that contains AuthorizationInfo

Parameters:

appPolicy -

Throws:

IllegalArgumentException - if ApplicationPolicy is null or does not contain AuthorizationInfo or domain name does not match

authorize

public int authorize(Resource resource)
              throws AuthorizationException

Authorize the Resource

Specified by:

authorize in class AuthorizationContext

Parameters:

resource -

Returns:

AuthorizationContext.PERMIT or AuthorizationContext.DENY

Throws:

AuthorizationException

authorize

public int authorize(Resource resource,
                     Subject subject,
                     RoleGroup callerRoles)
              throws AuthorizationException

Description copied from class: AuthorizationContext

Authorize the resource

Specified by:

authorize in class AuthorizationContext

subject - Subject of the caller

callerRoles - Roles of the caller

Returns:

Throws:

AuthorizationException

See Also:

AuthorizationContext.authorize(org.jboss.security.authorization.Resource, javax.security.auth.Subject, org.jboss.security.identity.RoleGroup)