ServiceAuthorizationChain (Globus® Toolkit 4.0.7 Java API Docs for globus_java_ws

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.globus.wsrf.impl.security.authorization
Class ServiceAuthorizationChain

java.lang.Object
  org.globus.wsrf.impl.security.authorization.ServiceAuthorizationChain

All Implemented Interfaces:: Interceptor, java.io.Serializable

public class ServiceAuthorizationChain
extends java.lang.Object
implements Interceptor, java.io.Serializable

The ServiceAuthorizationChain class ties together and evaluates chains of PDP and PIP implementations. The chain is evaluated in a strict configuration determined order. If any PIP or PDP throws an Exception the evaluation is stopped, and the Exception is propagated back to the client. If a PDP returns false the evaluation is stopped and the client is notified. If a PDP returns true or a PIP returns indeterminate the next interceptor in the chain is evaluated. Chains can also be linked, in which case the parent chain is evaluated before the child chain. See the Interceptor documentation for information about the individual operations.

See Also:: Serialized Form

Field Summary
`private boolean`	`chained`
`private static org.globus.util.I18n`	`i18n`
`protected boolean`	`initialized`
`protected Interceptor[]`	`interceptor`
`protected java.lang.String[]`	`interceptorName`
`private static org.apache.commons.logging.Log`	`logger`
`private ServiceAuthorizationChain`	`parentChain`

Constructor Summary
`ServiceAuthorizationChain()`
`ServiceAuthorizationChain(ServiceAuthorizationChain parentChain)` sets the parent chain, which will be evaluated before the current chain all authorization, get- and setPolicy, and getPolicyNames requests are propagated to the parent, wheras initialize and close are always only done on the local chain.

Method Summary
`boolean`	`authorize(javax.security.auth.Subject peerSubject, javax.xml.rpc.handler.MessageContext context)`
`boolean`	`authorize(javax.security.auth.Subject peerSubject, javax.xml.rpc.handler.MessageContext context, javax.xml.namespace.QName operation)`
`void`	`authorize(javax.security.auth.Subject peerSubject, javax.xml.rpc.handler.MessageContext context, java.lang.String service)`
`void`	`close()` this method is called by the PDP framework to indicate that the interceptor now should remove all state that was allocated in the initialize call
`org.w3c.dom.Node`	`getPolicy(org.w3c.dom.Node policy)`
`java.lang.String[]`	`getPolicyNames()`
`private void`	`init(PDPConfig config)`
`void`	`initialize(PDPConfig config, java.lang.String name, java.lang.String id)` initializes the chain with a given configuration of PIPs and PDPs
`private boolean`	`intercept(javax.security.auth.Subject peerSubject, javax.xml.rpc.handler.MessageContext context, javax.xml.namespace.QName operation)`
`boolean`	`isChained()`
`void`	`setChained(boolean chained)`
`org.w3c.dom.Node`	`setPolicy(org.w3c.dom.Node policy)`

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

i18n

private static org.globus.util.I18n i18n

logger

private static org.apache.commons.logging.Log logger

initialized

protected boolean initialized

interceptor

protected Interceptor[] interceptor

interceptorName

protected java.lang.String[] interceptorName

parentChain

private ServiceAuthorizationChain parentChain

chained

private boolean chained

Constructor Detail