org.openpermis.audit
Class AuditPolicyDecisionPoint

java.lang.Object
  extended by org.openpermis.audit.AuditPolicyDecisionPoint
All Implemented Interfaces:
PolicyDecisionPoint

public class AuditPolicyDecisionPoint
extends Object
implements PolicyDecisionPoint

Policy decision point delegate that supports VetoableAccessDecisionListeners.

The audit policy decision point wraps an existing PolicyDecisionPoint and adds auditing functionality.

Since:
0.3.0

Constructor Summary
AuditPolicyDecisionPoint(PolicyDecisionPoint delegate, List<VetoableAccessDecisionListener> listeners)
          Creates a new policy decision point with audit support.
 
Method Summary
 AccessDecision getAccessDecision(Subject subject, URI resource, String actionName, List<?> arguments, TimeStamp timeStamp)
          Decides whether a subject may be given access to a target and what obligations need to be fulfilled.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AuditPolicyDecisionPoint

public AuditPolicyDecisionPoint(PolicyDecisionPoint delegate,
                                List<VetoableAccessDecisionListener> listeners)
Creates a new policy decision point with audit support.

Parameters:
delegate - the actual PDP to delegate access decision to, must not be null.
listeners - a list of listeners to notify when a decision is calculated.
Since:
0.3.0
Method Detail

getAccessDecision

public AccessDecision getAccessDecision(Subject subject,
                                        URI resource,
                                        String actionName,
                                        List<?> arguments,
                                        TimeStamp timeStamp)
                                 throws PolicyDecisionException
Description copied from interface: PolicyDecisionPoint
Decides whether a subject may be given access to a target and what obligations need to be fulfilled.

Specified by:
getAccessDecision in interface PolicyDecisionPoint
Parameters:
subject - a Subject to identify the user requesting access and to provide the roles assigned to her.
resource - a URI to identify the resource that the subject wants to access.
actionName - the name of the action that the subject wants to perform on the resource.
arguments - an optional list of arguments for the action that the subject wants to perform on the resource.
Returns:
an AccessDecision containing the PDP's decision and the obligations associated with the decision.
Throws:
PolicyDecisionException - if the PDP fails to make an access decision.
Since:
0.3.0


PERMIS Role Based Access Control 0.3.0 (Build 14)
2009/05/08 09:06:10
Copyright (c) 2002-2007 Ergon Informatik AG