|
![]() |
||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.openpermis.audit.AuditPolicyDecisionPoint
public class AuditPolicyDecisionPoint
Policy decision point delegate that supports VetoableAccessDecisionListener
s.
The audit policy decision point wraps an existing PolicyDecisionPoint
and adds
auditing functionality.
Field Summary | |
---|---|
private PolicyDecisionPoint |
delegate
The actual PDP to delegate access decisions to. |
private List<VetoableAccessDecisionListener> |
listeners
List of access decision listeners. |
Constructor Summary | |
---|---|
AuditPolicyDecisionPoint(PolicyDecisionPoint delegate,
List<VetoableAccessDecisionListener> listeners)
Creates a new policy decision point with audit support. |
Method Summary | |
---|---|
AccessDecision |
getAccessDecision(Subject subject,
URI resource,
String actionName,
List<?> arguments,
TimeStamp timeStamp)
Decides whether a subject may be given access to a target and what obligations need to be fulfilled. |
private void |
notifyAccessDecisionFailure(AccessDecisionRequest request,
PolicyDecisionException exception)
Notifies all listeners of an access decision failure. |
private void |
notifyVetoableAccessDecision(AccessDecisionRequest request,
AccessDecision decision)
Notifies all listeners of a vetoable access decision. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
private final PolicyDecisionPoint delegate
private final List<VetoableAccessDecisionListener> listeners
Constructor Detail |
---|
public AuditPolicyDecisionPoint(PolicyDecisionPoint delegate, List<VetoableAccessDecisionListener> listeners)
delegate
- the actual PDP to delegate access decision to, must not be null
.listeners
- a list of listeners to notify when a decision is calculated.Method Detail |
---|
private void notifyAccessDecisionFailure(AccessDecisionRequest request, PolicyDecisionException exception)
request
- the request.exception
- the failure.private void notifyVetoableAccessDecision(AccessDecisionRequest request, AccessDecision decision) throws AccessDecisionVetoException
request
- the request.decision
- the decision.
AccessDecisionVetoException
- in case of a veto.public AccessDecision getAccessDecision(Subject subject, URI resource, String actionName, List<?> arguments, TimeStamp timeStamp) throws PolicyDecisionException
PolicyDecisionPoint
getAccessDecision
in interface PolicyDecisionPoint
subject
- a Subject
to identify the user requesting access and to provide
the roles assigned to her.resource
- a URI
to identify the resource that the subject wants to access.actionName
- the name of the action that the subject wants to perform on the resource.arguments
- an optional list of arguments for the action
that the subject wants to perform on the resource.
AccessDecision
containing the PDP's decision and the
obligations associated with the decision.
PolicyDecisionException
- if the PDP fails to make an access decision.
|
![]() |
||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
PERMIS Role Based Access Control 0.3.0 (Build 14)
2009/05/08 09:06:22
Copyright (c) 2002-2007 Ergon Informatik AG