|
![]() |
||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
public interface AuthorizationService
A service to perform authorization decisions.
Method Summary | |
---|---|
AccessDecision |
getAccessDecision(Subject subject,
URI resource,
String actionName,
List<?> arguments)
Decides whether a subject may be given access to a target and what obligations need to be fulfilled. |
AccessDecision |
getAccessDecision(URI subject,
URI resource,
String actionName,
List<?> arguments)
Decides whether a subject may be given access to a target and what obligations need to be fulfilled. |
Set<RoleDefinition> |
getRoleDefinitionsForSubject(Subject subject)
Retrieves the roles that a subject currently holds. |
Set<RoleDefinition> |
getRoleDefinitionsForSubject(URI subject)
Retrieves the roles that a subject currently holds. |
Subject |
retrieveSubject(URI identity)
Returns a subject whose identity matches the one specified. |
Method Detail |
---|
AccessDecision getAccessDecision(URI subject, URI resource, String actionName, List<?> arguments) throws AuthorizationServiceException
subject
- a URI
to identify the user requesting access and to provide
the roles assigned to her.resource
- a URI
to identify the resource that the subject wants to access.actionName
- the name of the action that the subject wants to perform on the resource.arguments
- an optional list of arguments for the action that the subject wants to
perform on the resource.
AccessDecision
containing the decision and the
obligations associated with the decision.
AuthorizationServiceException
- if the authorization service fails to make an access
decision.AccessDecision getAccessDecision(Subject subject, URI resource, String actionName, List<?> arguments) throws AuthorizationServiceException
subject
- a Subject
to identify the user requesting access and to provide
the roles assigned to her.resource
- a URI
to identify the resource that the subject wants to access.actionName
- the name of the action that the subject wants to perform on the resource.arguments
- an optional list of arguments for the action
that the subject wants to perform on the resource.
AccessDecision
containing the decision and the
obligations associated with the decision.
AuthorizationServiceException
- if the authorization service fails to make an access
decision.Subject retrieveSubject(URI identity) throws AuthorizationServiceException
identity
- a URI
that identifies a subject.
Subject
associating a person with her assigned roles. The returned
subject is never null
, but will have no assigned roles for unknown identities.
AuthorizationServiceException
- when the authorization service fails to retrieve roles
for the specified identity.Set<RoleDefinition> getRoleDefinitionsForSubject(URI subject) throws AuthorizationServiceException
Note: This method will only consider roles according to the current time stamp, therefore the resulting role definition list may vary depending on the current time and the validity of the role certificates when this method is called.
subject
- a URI
to identify the user for which to query its currently
held roles.
null
but may be empty if
the subject does not hold any roles.
AuthorizationServiceException
- when the authorization service fails to retrieve roles
for the specified identity.Set<RoleDefinition> getRoleDefinitionsForSubject(Subject subject)
Note: This method will only consider roles according to the current time stamp, therefore the resulting role definition list may vary depending on the current time and the validity of the role certificates when this method is called.
subject
- a Subject
to identify the user for which to query its currently
held roles.
null
but may be empty if
the subject does not hold any roles.
|
![]() |
||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
OpenPermis Role Based Access Control 0.9.0 (Build 16)
2009/08/13 07:16:59
Copyright (c) 2002-2007 Ergon Informatik AG