org.openpermis
Interface AuthorizationService

All Known Implementing Classes:
BasicAuthorizationService

public interface AuthorizationService

A service to perform authorization decisions.

Since:
0.3.0

Method Summary
 AccessDecision getAccessDecision(Subject subject, URI resource, String actionName, List<?> arguments)
          Decides whether a subject may be given access to a target and what obligations need to be fulfilled.
 AccessDecision getAccessDecision(URI subject, URI resource, String actionName, List<?> arguments)
          Decides whether a subject may be given access to a target and what obligations need to be fulfilled.
 Subject retrieveSubject(URI identity)
          Returns a subject whose identity matches the one specified.
 

Method Detail

getAccessDecision

AccessDecision getAccessDecision(URI subject,
                                 URI resource,
                                 String actionName,
                                 List<?> arguments)
                                 throws AuthorizationServiceException
Decides whether a subject may be given access to a target and what obligations need to be fulfilled.

Parameters:
subject - a URI to identify the user requesting access and to provide the roles assigned to her.
resource - a URI to identify the resource that the subject wants to access.
actionName - the name of the action that the subject wants to perform on the resource.
arguments - an optional list of arguments for the action that the subject wants to perform on the resource.
Returns:
an AccessDecision containing the decision and the obligations associated with the decision.
Throws:
AuthorizationServiceException - if the authorization service fails to make an access decision.
Since:
0.3.0

getAccessDecision

AccessDecision getAccessDecision(Subject subject,
                                 URI resource,
                                 String actionName,
                                 List<?> arguments)
                                 throws AuthorizationServiceException
Decides whether a subject may be given access to a target and what obligations need to be fulfilled.

Parameters:
subject - a Subject to identify the user requesting access and to provide the roles assigned to her.
resource - a URI to identify the resource that the subject wants to access.
actionName - the name of the action that the subject wants to perform on the resource.
arguments - an optional list of arguments for the action that the subject wants to perform on the resource.
Returns:
an AccessDecision containing the decision and the obligations associated with the decision.
Throws:
AuthorizationServiceException - if the authorization service fails to make an access decision.
Since:
0.3.0

retrieveSubject

Subject retrieveSubject(URI identity)
                        throws AuthorizationServiceException
Returns a subject whose identity matches the one specified.

Parameters:
identity - a URI that identifies a subject.
Returns:
a Subject associating a person with her assigned roles. The returned subject is never null, but will have no assigned roles for unknown identities.
Throws:
AuthorizationServiceException - when the authorization service fails to retrieve roles for the specified identity.
Since:
0.3.0


PERMIS Role Based Access Control 0.4.0 (Build 15)
2009/05/20 08:14:49
Copyright (c) 2002-2007 Ergon Informatik AG