|
![]() |
||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.openpermis.basic.BasicAuthorizationService
public class BasicAuthorizationService
An authorization service for a specific policy decision point and a specific subject repository.
Constructor Summary | |
---|---|
BasicAuthorizationService(PolicyDecisionPoint policyDecisionPoint,
SubjectRepository repository,
Clock clock)
Creates a authorization service for the specified policy. |
Method Summary | |
---|---|
AccessDecision |
getAccessDecision(Subject subject,
URI resource,
String actionName,
List<?> arguments)
Decides whether a subject may be given access to a target and what obligations need to be fulfilled. |
AccessDecision |
getAccessDecision(URI identity,
URI resource,
String actionName,
List<?> arguments)
Decides whether a subject may be given access to a target and what obligations need to be fulfilled. |
Subject |
retrieveSubject(URI identity)
Returns a subject whose identity matches the one specified. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public BasicAuthorizationService(PolicyDecisionPoint policyDecisionPoint, SubjectRepository repository, Clock clock)
policyDecisionPoint
- the PolicyDecisionPoint
to determine access decisions.repository
- the SubjectRepository
providing this PDP with
information about its configured environment.clock
- the Clock
service providing time.Method Detail |
---|
public AccessDecision getAccessDecision(URI identity, URI resource, String actionName, List<?> arguments) throws AuthorizationServiceException
AuthorizationService
getAccessDecision
in interface AuthorizationService
identity
- a URI
to identify the user requesting access and to provide
the roles assigned to her.resource
- a URI
to identify the resource that the subject wants to access.actionName
- the name of the action that the subject wants to perform on the resource.arguments
- an optional list of arguments for the action that the subject wants to
perform on the resource.
AccessDecision
containing the decision and the
obligations associated with the decision.
AuthorizationServiceException
- if the authorization service fails to make an access
decision.public AccessDecision getAccessDecision(Subject subject, URI resource, String actionName, List<?> arguments) throws AuthorizationServiceException
AuthorizationService
getAccessDecision
in interface AuthorizationService
subject
- a Subject
to identify the user requesting access and to provide
the roles assigned to her.resource
- a URI
to identify the resource that the subject wants to access.actionName
- the name of the action that the subject wants to perform on the resource.arguments
- an optional list of arguments for the action
that the subject wants to perform on the resource.
AccessDecision
containing the decision and the
obligations associated with the decision.
AuthorizationServiceException
- if the authorization service fails to make an access
decision.public Subject retrieveSubject(URI identity) throws AuthorizationServiceException
AuthorizationService
retrieveSubject
in interface AuthorizationService
identity
- a URI
that identifies a subject.
Subject
associating a person with her assigned roles. The returned
subject is never null
, but will have no assigned roles for unknown identities.
AuthorizationServiceException
- when the authorization service fails to retrieve roles
for the specified identity.
|
![]() |
||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
PERMIS Role Based Access Control 0.3.0 (Build 14)
2009/05/08 09:06:10
Copyright (c) 2002-2007 Ergon Informatik AG