org.openpermis.repository.basic
Class AbstractSubjectRepository

java.lang.Object
  extended by org.openpermis.repository.basic.AbstractSubjectRepository
All Implemented Interfaces:
SubjectRepository
Direct Known Subclasses:
LdapSubjectRepository, StreamSubjectRepository

public abstract class AbstractSubjectRepository
extends Object
implements SubjectRepository

An abstract subject repository with all code used (or usable) by subclasses.

Since:
0.1.0

Field Summary
private  CertificateVerifier certificateVerifier
          The class used internally to verify certificates.
 
Constructor Summary
protected AbstractSubjectRepository(CertificateVerifier certificateVerifier)
          Creates an abstract subject repository and uses the specified certificate verifier to validate the attribute certificates.
 
Method Summary
private  InternalSubject getOrCreateSubject(Map<URI,InternalSubject> subjectsByIdentity, URI identity)
          Internal method looking up a subject and creating it if it does not exist.
private  boolean isCertificateCorrect(Certificate certificate)
          Checks if the specified certificate is valid.
protected  void updateSubjectMap(Map<URI,InternalSubject> subjectsByIdentity, AttributeCertificate certificate)
          Updates the specified subject-by-identity map by processing the specified attribute certificate and assigning roles to all affected subjects.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface org.openpermis.repository.SubjectRepository
retrieveSubject
 

Field Detail

certificateVerifier

private final CertificateVerifier certificateVerifier
The class used internally to verify certificates.

Since:
0.3.0
Constructor Detail

AbstractSubjectRepository

protected AbstractSubjectRepository(CertificateVerifier certificateVerifier)
Creates an abstract subject repository and uses the specified certificate verifier to validate the attribute certificates.

Parameters:
certificateVerifier - The certificate verifier used to verify the attribute certificates. Must not be null.
Since:
0.3.0
Method Detail

updateSubjectMap

protected void updateSubjectMap(Map<URI,InternalSubject> subjectsByIdentity,
                                AttributeCertificate certificate)
                         throws NoSuchAlgorithmException,
                                NoSuchProviderException
Updates the specified subject-by-identity map by processing the specified attribute certificate and assigning roles to all affected subjects. If a subject does not yet exist, it is created and stored in the map. This method does not synchronize anything. Thus, if a subclass intends to be thread-safe, it must itself lock the map accordingly.

Parameters:
subjectsByIdentity - A map storing subjects by their identities. Must not be null.
certificate - The attribute certificate to process. May be null.
Throws:
NoSuchAlgorithmException
NoSuchProviderException
Since:
0.1.0
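
One way a subclass can meet the locking requirement described for updateSubjectMap, as an added example that is not part of the OpenPermis code base. The class name LockingSubjectRepository and its load and lookup methods are hypothetical; only the constructor and updateSubjectMap signatures are taken from this page.

```java
import java.net.URI;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.locks.ReadWriteLock;
import java.util.concurrent.locks.ReentrantReadWriteLock;
import org.openpermis.repository.basic.AbstractSubjectRepository;
// Also import CertificateVerifier, AttributeCertificate and InternalSubject from
// OpenPermis; their packages are not listed on this page.

// Hypothetical subclass. Left abstract because the signature of
// SubjectRepository.retrieveSubject is not shown on this page.
public abstract class LockingSubjectRepository extends AbstractSubjectRepository {

    private final Map<URI, InternalSubject> subjectsByIdentity =
        new HashMap<URI, InternalSubject>();
    private final ReadWriteLock lock = new ReentrantReadWriteLock();

    protected LockingSubjectRepository(CertificateVerifier certificateVerifier) {
        super(certificateVerifier);
    }

    // Processes a batch under the write lock, so the map is never read
    // while updateSubjectMap is inserting subjects into it.
    protected void load(Iterable<AttributeCertificate> certificates)
            throws NoSuchAlgorithmException, NoSuchProviderException {
        lock.writeLock().lock();
        try {
            for (AttributeCertificate certificate : certificates) {
                // Null entries are allowed by updateSubjectMap's contract.
                updateSubjectMap(subjectsByIdentity, certificate);
            }
        } finally {
            lock.writeLock().unlock(); // released even if verification throws
        }
    }

    // Read-side lookup for use by the subclass's retrieveSubject implementation.
    protected InternalSubject lookup(URI identity) {
        lock.readLock().lock();
        try {
            return subjectsByIdentity.get(identity);
        } finally {
            lock.readLock().unlock();
        }
    }
}
```

The lock protects the map only. Whether an InternalSubject returned by lookup can be read safely while a later load assigns roles to it is not stated on this page, so callers that reload certificates at runtime should check that separately.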

isCertificateCorrect

private boolean isCertificateCorrect(Certificate certificate)
                              throws NoSuchAlgorithmException,
                                     NoSuchProviderException
Checks if the specified certificate is valid. What is done exactly depends on the certificate verifier this class uses.

Returns:
true if (and only if) the certificate could be verified.
Throws:
NoSuchProviderException - Thrown if there is no default crypto provider.
NoSuchAlgorithmException - Thrown if a cryptographic algorithm used for signature verification cannot be retrieved from the crypto provider(s).
Since:
0.1.0
0.3.0 changed to private.

getOrCreateSubject

private InternalSubject getOrCreateSubject(Map<URI,InternalSubject> subjectsByIdentity,
                                           URI identity)
Internal method looking up a subject and creating it if it does not exist.



PERMIS Role Based Access Control 0.4.0 (Build 15)
2009/05/20 08:14:59
Copyright (c) 2002-2007 Ergon Informatik AG