Class AbstractWebAuthorizationHelper

  • Direct Known Subclasses:
    WebAuthorizationHelper

    public abstract class AbstractWebAuthorizationHelper
    extends AbstractJavaEEHelper
    Abstract Web Authorization Helper
    Since:
    Apr 17, 2008
    Version:
    $Revision$
    Author:
    Anil.Saldhana@redhat.com
    • Field Detail

      • enableAudit

        protected boolean enableAudit
    • Constructor Detail

      • AbstractWebAuthorizationHelper

        public AbstractWebAuthorizationHelper()
    • Method Detail

      • isEnableAudit

        public boolean isEnableAudit()
      • setEnableAudit

        public void setEnableAudit(boolean enableAudit)
      • checkResourcePermission

        public abstract boolean checkResourcePermission(Map<String,Object> contextMap,
                                                        javax.servlet.ServletRequest request,
                                                        javax.servlet.ServletResponse response,
                                                        Subject callerSubject,
                                                        String contextID,
                                                        String canonicalRequestURI)
        Validate that the caller has the permission to access a web resource
        Parameters:
        contextMap -
        request -
        response -
        callerSubject -
        contextID -
        canonicalRequestURI -
        Returns:
        true - permitted
        Throws:
        IllegalArgumentException - request, response, callerSubject, contextID or canonicalRequestURI is null
        IllegalStateException - Authorization Manager from Security Context is null
      • checkResourcePermission

        public abstract boolean checkResourcePermission(Map<String,Object> contextMap,
                                                        javax.servlet.ServletRequest request,
                                                        javax.servlet.ServletResponse response,
                                                        Subject callerSubject,
                                                        String contextID,
                                                        String canonicalRequestURI,
                                                        List<String> roles)
        Validate that the caller has the permission to access a web resource
        Parameters:
        contextMap -
        request -
        response -
        callerSubject -
        contextID -
        canonicalRequestURI -
        roles -
        Returns:
        true - permitted
        Throws:
        IllegalArgumentException - request, response, callerSubject, contextID or canonicalRequestURI is null
        IllegalStateException - Authorization Manager from Security Context is null
      • hasRole

        public abstract boolean hasRole(String roleName,
                                        Principal principal,
                                        String servletName,
                                        Set<Principal> principalRoles,
                                        String contextID,
                                        Subject callerSubject)
        Validate that the caller has the required role to access a resource
        Parameters:
        roleName -
        principal -
        servletName -
        principalRoles -
        contextID -
        callerSubject -
        Returns:
        Throws:
        IllegalArgumentException - roleName, contextID or callerSubject is null
        IllegalStateException - Authorization Manager from Security Context is null
      • hasRole

        public abstract boolean hasRole(String roleName,
                                        Principal principal,
                                        String servletName,
                                        Set<Principal> principalRoles,
                                        String contextID,
                                        Subject callerSubject,
                                        List<String> roles)
        Validate that the caller has the required role to access a resource
        Parameters:
        roleName -
        principal -
        servletName -
        principalRoles -
        contextID -
        callerSubject -
        roles -
        Returns:
        Throws:
        IllegalArgumentException - roleName, contextID or callerSubject is null
        IllegalStateException - Authorization Manager from Security Context is null
      • hasUserDataPermission

        public abstract boolean hasUserDataPermission(Map<String,Object> contextMap,
                                                      javax.servlet.ServletRequest request,
                                                      javax.servlet.ServletResponse response,
                                                      String contextID,
                                                      Subject callerSubject)
        Validate whether the transport constraints are met by the caller
        Parameters:
        contextMap -
        request -
        response -
        contextID -
        callerSubject -
        Returns:
        Throws:
        IllegalArgumentException - request, response, callerSubject or contextID is null
        IllegalStateException - Authorization Manager from Security Context is null
      • hasUserDataPermission

        public abstract boolean hasUserDataPermission(Map<String,Object> contextMap,
                                                      javax.servlet.ServletRequest request,
                                                      javax.servlet.ServletResponse response,
                                                      String contextID,
                                                      Subject callerSubject,
                                                      List<String> roles)
        Validate whether the transport constraints are met by the caller
        Parameters:
        contextMap -
        request -
        response -
        contextID -
        callerSubject -
        roles -
        Returns:
        Throws:
        IllegalArgumentException - request, response, callerSubject or contextID is null
        IllegalStateException - Authorization Manager from Security Context is null
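
Added example (not part of this API documentation or the library's own code): a caller-side wrapper that treats the documented IllegalArgumentException and IllegalStateException as a denial, so a missing Authorization Manager or a null argument can never result in access. FailClosedWebAuthz and Decision are hypothetical names, and the package in the import of AbstractWebAuthorizationHelper is an assumption, since this page does not state it.

```java
import java.util.Map;
import java.util.logging.Logger;
import javax.security.auth.Subject;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
// Assumption: the package name is not given on this page.
import org.jboss.security.javaee.AbstractWebAuthorizationHelper;

/** Hypothetical wrapper (added example): any failure to decide is a denial. */
public final class FailClosedWebAuthz {

    /** Hypothetical result type so callers can record why access was refused. */
    public enum Decision { PERMIT, DENY_TRANSPORT, DENY_RESOURCE, DENY_ERROR }

    private static final Logger LOG = Logger.getLogger(FailClosedWebAuthz.class.getName());
    private final AbstractWebAuthorizationHelper helper;

    public FailClosedWebAuthz(AbstractWebAuthorizationHelper helper) {
        if (helper == null) {
            throw new IllegalArgumentException("helper is null");
        }
        this.helper = helper;
    }

    public Decision decide(Map<String, Object> contextMap, ServletRequest request,
                           ServletResponse response, Subject callerSubject,
                           String contextID, String canonicalRequestURI) {
        try {
            // Transport constraints first: a request that fails them should not
            // reach the resource check at all.
            if (!helper.hasUserDataPermission(contextMap, request, response,
                                              contextID, callerSubject)) {
                return Decision.DENY_TRANSPORT;
            }
            // The argument order differs here: callerSubject precedes contextID.
            if (!helper.checkResourcePermission(contextMap, request, response,
                                                callerSubject, contextID, canonicalRequestURI)) {
                return Decision.DENY_RESOURCE;
            }
            return Decision.PERMIT;
        } catch (IllegalArgumentException | IllegalStateException e) {
            // Documented failure modes: a null argument, or no Authorization Manager
            // in the Security Context. Neither means "allowed", so deny.
            LOG.warning("authorization not evaluated for context " + contextID + ": " + e);
            return Decision.DENY_ERROR;
        }
    }
}
```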