Class AbstractAuthorizationModule
- java.lang.Object
-
- org.jboss.security.authorization.modules.AbstractAuthorizationModule
-
- All Implemented Interfaces:
AuthorizationModule
- Direct Known Subclasses:
AllDenyAuthorizationModule
,AllPermitAuthorizationModule
,DelegatingAuthorizationModule
,JACCAuthorizationModule
,WebAuthorizationModule
,XACMLAuthorizationModule
public abstract class AbstractAuthorizationModule extends Object implements AuthorizationModule
Abstraction of Authorization Module- Since:
- Jun 14, 2006
- Version:
- $Revision$
- Author:
- Anil Saldhana
-
-
Field Summary
Fields Modifier and Type Field Description protected static Map<String,Class<?>>
clazzMap
A map that is available to reduce the loadClass synchronizationprotected Map<ResourceType,String>
delegateMap
Map of delegates for the various layersprotected CallbackHandler
handler
protected Map<String,Object>
options
protected RoleGroup
role
protected Map<String,Object>
sharedState
protected Subject
subject
-
Constructor Summary
Constructors Constructor Description AbstractAuthorizationModule()
-
Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description boolean
abort()
Abort the Authorization Processabstract int
authorize(Resource resource)
Authorize the resourceboolean
commit()
Overall authorization process has succeeded.boolean
destroy()
A final cleanup opportunity offeredprotected AuthorizationModuleDelegate
getDelegate(String delegateStr)
Load the delegatevoid
initialize(Subject subject, CallbackHandler handler, Map<String,Object> sharedState, Map<String,Object> options, RoleGroup subjectRole)
Initialize the moduleprotected int
invokeDelegate(Resource resource)
Subclasses can use this method to leave the authorization decision to the delegate configuredprotected void
populateDelegateMap(String commaSeparatedDelegates)
Options may have a comma separated delegate mapString
toString()
Override to print more details
-
-
-
Field Detail
-
subject
protected Subject subject
-
handler
protected CallbackHandler handler
-
role
protected RoleGroup role
-
delegateMap
protected Map<ResourceType,String> delegateMap
Map of delegates for the various layers
-
-
Method Detail
-
authorize
public abstract int authorize(Resource resource)
Description copied from interface:AuthorizationModule
Authorize the resource- Specified by:
authorize
in interfaceAuthorizationModule
- Returns:
- AuthorizationContext.PERMIT or AuthorizationContext.DENY
- See Also:
AuthorizationModule.authorize(Resource)
-
abort
public boolean abort() throws AuthorizationException
Description copied from interface:AuthorizationModule
Abort the Authorization Process- Specified by:
abort
in interfaceAuthorizationModule
- Returns:
- true - abort passed, false-otherwise
- Throws:
AuthorizationException
- See Also:
AuthorizationModule.abort()
-
commit
public boolean commit() throws AuthorizationException
Description copied from interface:AuthorizationModule
Overall authorization process has succeeded. The module can commit any decisions it has made, with third party systems like a database.- Specified by:
commit
in interfaceAuthorizationModule
- Returns:
- Throws:
AuthorizationException
- See Also:
AuthorizationModule.commit()
-
destroy
public boolean destroy()
Description copied from interface:AuthorizationModule
A final cleanup opportunity offered- Specified by:
destroy
in interfaceAuthorizationModule
- Returns:
- cleanup by the module passed or not
- See Also:
AuthorizationModule.destroy()
-
initialize
public void initialize(Subject subject, CallbackHandler handler, Map<String,Object> sharedState, Map<String,Object> options, RoleGroup subjectRole)
Description copied from interface:AuthorizationModule
Initialize the module- Specified by:
initialize
in interfaceAuthorizationModule
- Parameters:
subject
- the authenticated subjecthandler
- CallbackHandlersharedState
- state shared with other configured modulesoptions
- options specified in the Configuration for this particular modulesubjectRole
- Roles of the subject- See Also:
AuthorizationModule.initialize(javax.security.auth.Subject, javax.security.auth.callback.CallbackHandler, java.util.Map, java.util.Map, org.jboss.security.identity.RoleGroup)
-
toString
public String toString()
Override to print more details
-
invokeDelegate
protected int invokeDelegate(Resource resource)
Subclasses can use this method to leave the authorization decision to the delegate configured
-
getDelegate
protected AuthorizationModuleDelegate getDelegate(String delegateStr) throws Exception
Load the delegate- Parameters:
delegateStr
- FQN of the delegate- Returns:
- Delegate Instance
- Throws:
Exception
-
populateDelegateMap
protected void populateDelegateMap(String commaSeparatedDelegates)
Options may have a comma separated delegate map- Parameters:
commaSeparatedDelegates
-
-
-