com.sun.identity.liberty.ws.disco.plugins

Class DefaultDiscoAuthorizer

java.lang.Object

com.sun.identity.liberty.ws.disco.plugins.DefaultDiscoAuthorizer

All Implemented Interfaces:

Authorizer

public class DefaultDiscoAuthorizer
extends Object
implements Authorizer

This class DefaultDiscoAuthorizer provides a default implementation of the Authorizer interface.

Field Summary

Fields

Modifier and Type	Field and Description
static String	RESOURCE_SEPERATOR Separator for resource.

Fields inherited from interface com.sun.identity.liberty.ws.interfaces.Authorizer

AUTH_TYPE, MESSAGE, USER_ID

Constructor Summary

Constructors

Constructor and Description
DefaultDiscoAuthorizer() Default Constructor.

Method Summary

Modifier and Type	Method and Description
Object	getAuthorizationDecision(Object credential, String action, Object data, Map env) Returns authorization decision for the given action(query or modify) and to the given select data.
boolean	isAuthorized(Object credential, String action, Object data, Map env) Checks if the WSC is authorized to query or modify the select data.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

RESOURCE_SEPERATOR

public static final String RESOURCE_SEPERATOR

Separator for resource.

See Also:

Constant Field Values

Constructor Detail

DefaultDiscoAuthorizer

public DefaultDiscoAuthorizer()

Default Constructor.

Method Detail

isAuthorized

public boolean isAuthorized(Object credential,
                            String action,
                            Object data,
                            Map env)

Checks if the WSC is authorized to query or modify the select data.

Specified by:

isAuthorized in interface Authorizer

Parameters:

credential - credential of a WSC. In this implmentation, credential is the SSOToken of the WSC.

action - request action. In this implementation, action is either DiscoConstants.ACTION_LOOKUP or DiscoConstants.ACTION_UPDATE.

data - Object who is being accessed. In this implementation, data is of type ResourceOfferingType.

env - A Map contains information useful for policy evaluation. The following key is defined and its value should be passed in: Key: USER_ID Value: id of the user whose resource is being accessed. In this implementation, the value is the userDN. Key: AUTH_TYPE Value: The authentication mechanism WSC used. Key: MESSAGE Value: com.sun.identity.liberty.ws.soapbinding.Message.

Returns:

true if the WSC is authorized.

getAuthorizationDecision

public Object getAuthorizationDecision(Object credential,
                                       String action,
                                       Object data,
                                       Map env)
                                throws Exception

Returns authorization decision for the given action(query or modify) and to the given select data. Currently this method always returns null.

Specified by:

getAuthorizationDecision in interface Authorizer

Parameters:

credential - credential of a WSC.

action - request action.

data - Object who is being accessed.

env - A Map contains information useful for policy evaluation. The following key is defined and its value should be passed in: Key: USER_ID Value: id of the user whose resource is being accessed. Key: AUTH_TYPE Value: The authentication mechanism WSC used. Key: MESSAGE Value: com.sun.identity.liberty.ws.soapbinding.Message.

Returns:

AuthorizationDecision object contains authorization decision information for the given resource.

Throws:

Exception