Package org.jboss.security.authorization
Interface AuthorizationModule
-
- All Known Implementing Classes:
AbstractAuthorizationModule
,AllDenyAuthorizationModule
,AllPermitAuthorizationModule
,DelegatingAuthorizationModule
,JACCAuthorizationModule
,PicketBoxAuthorizationModule
,WebAuthorizationModule
,XACMLAuthorizationModule
public interface AuthorizationModule
Represents a Policy Decision Module that is used by the Authorization Context- Since:
- Jun 11, 2006
- Version:
- $Revision: 45685 $
- Author:
- Anil Saldhana
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description boolean
abort()
Abort the Authorization Processint
authorize(Resource resource)
Authorize the resourceboolean
commit()
Overall authorization process has succeeded.boolean
destroy()
A final cleanup opportunity offeredvoid
initialize(Subject subject, CallbackHandler handler, Map<String,Object> sharedState, Map<String,Object> options, RoleGroup roles)
Initialize the module
-
-
-
Method Detail
-
abort
boolean abort() throws AuthorizationException
Abort the Authorization Process- Returns:
- true - abort passed, false-otherwise
- Throws:
AuthorizationException
-
commit
boolean commit() throws AuthorizationException
Overall authorization process has succeeded. The module can commit any decisions it has made, with third party systems like a database.- Returns:
- Throws:
AuthorizationException
-
initialize
void initialize(Subject subject, CallbackHandler handler, Map<String,Object> sharedState, Map<String,Object> options, RoleGroup roles)
Initialize the module- Parameters:
subject
- the authenticated subjecthandler
- CallbackHandlersharedState
- state shared with other configured modulesoptions
- options specified in the Configuration for this particular moduleroles
- Roles of the subject
-
authorize
int authorize(Resource resource)
Authorize the resource- Parameters:
resource
-- Returns:
- AuthorizationContext.PERMIT or AuthorizationContext.DENY
-
destroy
boolean destroy()
A final cleanup opportunity offered- Returns:
- cleanup by the module passed or not
-
-