Class PicketBoxAuthorizationModule
- java.lang.Object
-
- org.picketbox.plugins.authorization.PicketBoxAuthorizationModule
-
- All Implemented Interfaces:
AuthorizationModule
public class PicketBoxAuthorizationModule extends Object implements AuthorizationModule
Simple Authorization Module that authorizes users with the configured roles Note:The roles need to be placed as a comma separated list of values.
Example:
<policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:jboss:security-config:5.0" xmlns="urn:jboss:security-config:5.0" xmlns:jbxb="urn:jboss:security-config:5.0">
<application-policy name = "test">
<authentication>
<login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule" flag = "required">
<module-option name = "name">1.1</module-option>
<module-option name = "succeed">true</module-option>
<module-option name = "throwEx">false</module-option>
</login-module>
</authentication>
<authorization>
<policy-module
code="org.picketbox.plugins.authorization.PicketBoxAuthorizationModule">
<module-option name="roles">validuser</module-option>
</policy-module>
</authorization>
</application-policy>
</policy>
-
-
Constructor Summary
Constructors Constructor Description PicketBoxAuthorizationModule()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
abort()
Abort the Authorization Processint
authorize(Resource resource)
Authorize the resourceboolean
commit()
Overall authorization process has succeeded.boolean
destroy()
A final cleanup opportunity offeredvoid
initialize(Subject subject, CallbackHandler handler, Map<String,Object> sharedState, Map<String,Object> options, RoleGroup roles)
Initialize the module
-
-
-
Method Detail
-
abort
public boolean abort() throws AuthorizationException
Description copied from interface:AuthorizationModule
Abort the Authorization Process- Specified by:
abort
in interfaceAuthorizationModule
- Returns:
- true - abort passed, false-otherwise
- Throws:
AuthorizationException
-
authorize
public int authorize(Resource resource)
Description copied from interface:AuthorizationModule
Authorize the resource- Specified by:
authorize
in interfaceAuthorizationModule
- Returns:
- AuthorizationContext.PERMIT or AuthorizationContext.DENY
-
commit
public boolean commit() throws AuthorizationException
Description copied from interface:AuthorizationModule
Overall authorization process has succeeded. The module can commit any decisions it has made, with third party systems like a database.- Specified by:
commit
in interfaceAuthorizationModule
- Returns:
- Throws:
AuthorizationException
-
destroy
public boolean destroy()
Description copied from interface:AuthorizationModule
A final cleanup opportunity offered- Specified by:
destroy
in interfaceAuthorizationModule
- Returns:
- cleanup by the module passed or not
-
initialize
public void initialize(Subject subject, CallbackHandler handler, Map<String,Object> sharedState, Map<String,Object> options, RoleGroup roles)
Initialize the module- Specified by:
initialize
in interfaceAuthorizationModule
- Parameters:
subject
- the authenticated subjecthandler
- CallbackHandlersharedState
- state shared with other configured modulesoptions
- options specified in the Configuration for this particular moduleroles
- Roles of the subject
-
-