org.globus.wsrf.impl.security.authorization
Class IdentityAuthzPDP
java.lang.Object
org.globus.wsrf.impl.security.authorization.BasePDPImpl
org.globus.wsrf.impl.security.authorization.IdentityAuthzPDP
- All Implemented Interfaces:
- java.io.Serializable, org.globus.security.authorization.Interceptor, org.globus.security.authorization.PDP, org.globus.security.authorization.PDPInterceptor
public class IdentityAuthzPDP
- extends BasePDPImpl
Does identity authorization and and implements PDP
and Authorization interface.
- See Also:
- Serialized Form
|
Field Summary |
static java.lang.String |
IDENTITY_PROP
|
private static org.apache.commons.logging.Log |
logger
|
protected javax.security.auth.Subject |
subject
|
|
Method Summary |
org.globus.security.authorization.Decision |
canAccess(org.globus.security.authorization.RequestEntities requestEntities,
org.globus.security.authorization.NonRequestEntities nonRequestEntities)
Does identity authorization of the client.The expected identity can be
set by a) using contructor by passing an identity/subject b)
configuring a property idenAuthz-identityin the
PDPConfig object passed. |
org.globus.security.authorization.Decision |
canAdminister(org.globus.security.authorization.RequestEntities requestEntities,
org.globus.security.authorization.NonRequestEntities nonRequestEntities)
|
java.lang.String |
getIdentity()
|
private javax.security.auth.Subject |
getSubject(java.lang.String identity)
|
void |
initialize(java.lang.String chainName,
java.lang.String prefix,
org.globus.security.authorization.ChainConfig config)
|
protected void |
initializeParam()
|
org.globus.security.authorization.Decision |
isPermitted(org.globus.security.authorization.EntityAttributes reqEntity,
org.globus.security.authorization.EntityAttributes envEntity)
|
private void |
readObject(java.io.ObjectInputStream ois)
|
private void |
writeObject(java.io.ObjectOutputStream oos)
|
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
subject
protected javax.security.auth.Subject subject
logger
private static org.apache.commons.logging.Log logger
IDENTITY_PROP
public static final java.lang.String IDENTITY_PROP
- See Also:
- Constant Field Values
IdentityAuthzPDP
public IdentityAuthzPDP()
IdentityAuthzPDP
public IdentityAuthzPDP(javax.security.auth.Subject subject_)
IdentityAuthzPDP
public IdentityAuthzPDP(java.lang.String globusIdentity)
initialize
public void initialize(java.lang.String chainName,
java.lang.String prefix,
org.globus.security.authorization.ChainConfig config)
throws org.globus.security.authorization.InitializeException
- Throws:
org.globus.security.authorization.InitializeException
initializeParam
protected void initializeParam()
throws org.globus.wsrf.config.ConfigException
- Specified by:
initializeParam in class BasePDPImpl
- Throws:
org.globus.wsrf.config.ConfigException
canAccess
public org.globus.security.authorization.Decision canAccess(org.globus.security.authorization.RequestEntities requestEntities,
org.globus.security.authorization.NonRequestEntities nonRequestEntities)
throws org.globus.security.authorization.AuthorizationException
- Does identity authorization of the client.The expected identity can be
set by a) using contructor by passing an identity/subject b)
configuring a property idenAuthz-identityin the
PDPConfig object passed. If the PDPConfig implementation used is
ServicePropertiesPDPConfig, then the
property needs to be set in service deployment descriptor, if
ResourcePDPConfig is used, then the property needs to be
populated in the hashmap in that class, if ContainerPDPConfig is
used then the property needs to be set as a global parameter in the
deployment descriptor.
- Throws:
org.globus.security.authorization.AuthorizationException
canAdminister
public org.globus.security.authorization.Decision canAdminister(org.globus.security.authorization.RequestEntities requestEntities,
org.globus.security.authorization.NonRequestEntities nonRequestEntities)
throws org.globus.security.authorization.AuthorizationException
- Throws:
org.globus.security.authorization.AuthorizationException
isPermitted
public org.globus.security.authorization.Decision isPermitted(org.globus.security.authorization.EntityAttributes reqEntity,
org.globus.security.authorization.EntityAttributes envEntity)
throws org.globus.security.authorization.AuthorizationException
- Throws:
org.globus.security.authorization.AuthorizationException
getIdentity
public java.lang.String getIdentity()
getSubject
private javax.security.auth.Subject getSubject(java.lang.String identity)
writeObject
private void writeObject(java.io.ObjectOutputStream oos)
throws java.io.IOException
- Throws:
java.io.IOException
readObject
private void readObject(java.io.ObjectInputStream ois)
throws java.io.IOException,
java.lang.ClassNotFoundException
- Throws:
java.io.IOException
java.lang.ClassNotFoundException