org.globus.wsrf.impl.security.authorization
Class AccessControlListPDP
java.lang.Object
org.globus.wsrf.impl.security.authorization.BasePDPImpl
org.globus.wsrf.impl.security.authorization.AccessControlListPDP
- All Implemented Interfaces:
- java.io.Serializable, org.globus.security.authorization.Interceptor, org.globus.security.authorization.PDP, org.globus.security.authorization.PDPInterceptor
public class AccessControlListPDP
- extends BasePDPImpl
- See Also:
- Serialized Form
|
Method Summary |
private org.globus.security.authorization.Decision |
authorize(org.globus.security.authorization.EntityAttributes reqEntity,
org.globus.security.authorization.EntityAttributes resourceEntity,
org.globus.security.authorization.EntityAttributes actionEntity,
boolean admin)
|
org.globus.security.authorization.Decision |
canAccess(org.globus.security.authorization.RequestEntities requestEntities,
org.globus.security.authorization.NonRequestEntities nonRequestEntities)
|
org.globus.security.authorization.Decision |
canAdminister(org.globus.security.authorization.RequestEntities requestEntities,
org.globus.security.authorization.NonRequestEntities nonRequestEntities)
|
private java.lang.String |
getAccessFileName(org.globus.security.authorization.ChainConfig config,
java.lang.String name)
|
private java.lang.String |
getAdminFileName(org.globus.security.authorization.ChainConfig config,
java.lang.String name)
|
java.lang.String[] |
getPolicyNames()
|
void |
initialize(java.lang.String chainName,
java.lang.String prefix_,
org.globus.security.authorization.ChainConfig config_)
|
protected void |
initializeParam()
|
private org.globus.security.authorization.Decision |
isPermitted(javax.security.auth.Subject peer,
java.lang.String operation,
java.lang.String serviceName,
org.globus.security.authorization.EntityAttributes issuer,
org.globus.security.authorization.EntityAttributes req,
boolean admin)
|
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
SERVICE_RIGHTS_SEPARATOR
public static final java.lang.String SERVICE_RIGHTS_SEPARATOR
- See Also:
- Constant Field Values
SERVICE_SEPARATOR
public static final java.lang.String SERVICE_SEPARATOR
- See Also:
- Constant Field Values
ACTIONS_SEPARATOR
public static final java.lang.String ACTIONS_SEPARATOR
- See Also:
- Constant Field Values
i18n
private static org.globus.util.I18n i18n
ACCESS_CONFIG_FILE
public static final java.lang.String ACCESS_CONFIG_FILE
- See Also:
- Constant Field Values
ADMIN_CONFIG_FILE
public static final java.lang.String ADMIN_CONFIG_FILE
- See Also:
- Constant Field Values
DEFAULT_ACCESS_CONFIG_FILE
public static final java.lang.String DEFAULT_ACCESS_CONFIG_FILE
- See Also:
- Constant Field Values
DEFAULT_ADMIN_CONFIG_FILE
public static final java.lang.String DEFAULT_ADMIN_CONFIG_FILE
- See Also:
- Constant Field Values
logger
private static org.apache.commons.logging.Log logger
accessList
private AccessControlListPDP.AccessControlList accessList
adminList
private AccessControlListPDP.AccessControlList adminList
config
private org.globus.security.authorization.ChainConfig config
AccessControlListPDP
public AccessControlListPDP()
initialize
public void initialize(java.lang.String chainName,
java.lang.String prefix_,
org.globus.security.authorization.ChainConfig config_)
throws org.globus.security.authorization.InitializeException
- Throws:
org.globus.security.authorization.InitializeException
initializeParam
protected void initializeParam()
throws org.globus.wsrf.config.ConfigException
- Specified by:
initializeParam in class BasePDPImpl
- Throws:
org.globus.wsrf.config.ConfigException
getPolicyNames
public java.lang.String[] getPolicyNames()
canAccess
public org.globus.security.authorization.Decision canAccess(org.globus.security.authorization.RequestEntities requestEntities,
org.globus.security.authorization.NonRequestEntities nonRequestEntities)
throws org.globus.security.authorization.AuthorizationException
- Throws:
org.globus.security.authorization.AuthorizationException
canAdminister
public org.globus.security.authorization.Decision canAdminister(org.globus.security.authorization.RequestEntities requestEntities,
org.globus.security.authorization.NonRequestEntities nonRequestEntities)
throws org.globus.security.authorization.AuthorizationException
- Throws:
org.globus.security.authorization.AuthorizationException
authorize
private org.globus.security.authorization.Decision authorize(org.globus.security.authorization.EntityAttributes reqEntity,
org.globus.security.authorization.EntityAttributes resourceEntity,
org.globus.security.authorization.EntityAttributes actionEntity,
boolean admin)
throws org.globus.security.authorization.AuthorizationException
- Throws:
org.globus.security.authorization.AuthorizationException
isPermitted
private org.globus.security.authorization.Decision isPermitted(javax.security.auth.Subject peer,
java.lang.String operation,
java.lang.String serviceName,
org.globus.security.authorization.EntityAttributes issuer,
org.globus.security.authorization.EntityAttributes req,
boolean admin)
throws org.globus.security.authorization.AuthorizationException
- Throws:
org.globus.security.authorization.AuthorizationException
getAccessFileName
private java.lang.String getAccessFileName(org.globus.security.authorization.ChainConfig config,
java.lang.String name)
getAdminFileName
private java.lang.String getAdminFileName(org.globus.security.authorization.ChainConfig config,
java.lang.String name)