Package org.jboss.security.authorization
Class AuthorizationContext
- java.lang.Object
-
- org.jboss.security.authorization.AuthorizationContext
-
- Direct Known Subclasses:
JBossAuthorizationContext
public abstract class AuthorizationContext extends Object
JBAS-3374: Authorization Framework for Policy Decision Modules For information on the behavior of the Authorization Modules, For Authorization Modules behavior(Required, Requisite, Sufficient and Optional) please refer to the javadoc for @see javax.security.auth.login.Configuration The AuthorizationContext derives the AuthorizationInfo(configuration for the modules) in the following way: a) If there has been an injection of ApplicationPolicy, then it will be used. b) Util.getApplicationPolicy will be used(which relies on SecurityConfiguration static class). c) Flag an error that there is no available Application Policy- Since:
- Jun 11, 2006
- Version:
- $Revision: 62954 $
- Author:
- Anil Saldhana
-
-
Field Summary
Fields Modifier and Type Field Description protected CallbackHandler
callbackHandler
static int
DENY
static int
PERMIT
protected String
securityDomainName
protected Map<String,Object>
sharedState
-
Constructor Summary
Constructors Constructor Description AuthorizationContext()
-
Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description abstract int
authorize(Resource resource)
Authorize the Resourceabstract int
authorize(Resource resource, Subject subject, RoleGroup roles)
Authorize the resourceString
getSecurityDomain()
Return the Security Domain Name
-
-
-
Field Detail
-
securityDomainName
protected String securityDomainName
-
callbackHandler
protected CallbackHandler callbackHandler
-
PERMIT
public static final int PERMIT
- See Also:
- Constant Field Values
-
DENY
public static final int DENY
- See Also:
- Constant Field Values
-
-
Method Detail
-
authorize
public abstract int authorize(Resource resource) throws AuthorizationException
Authorize the Resource- Parameters:
resource
-- Returns:
- AuthorizationContext.PERMIT or AuthorizationContext.DENY
- Throws:
AuthorizationException
-
authorize
public abstract int authorize(Resource resource, Subject subject, RoleGroup roles) throws AuthorizationException
Authorize the resource- Parameters:
resource
-subject
- Subject of the callerroles
- Roles of the caller- Returns:
- Throws:
AuthorizationException
-
getSecurityDomain
public String getSecurityDomain()
Return the Security Domain Name- Returns:
- security domain
-
-