Interface Authorizer

  • All Known Implementing Classes:
    DefaultDiscoAuthorizer, IDPPAuthorizer

    public interface Authorizer
    The Authorizer interface is used by an identity service to check the authorization of a web service consumer (WSC).
    • Field Summary

      Fields
      Modifier and Type   Field       Description
      static String       AUTH_TYPE   Key of a parameter Map which contains information useful for policy evaluation.
      static String       MESSAGE     Key of a parameter Map which contains information useful for policy evaluation.
      static String       USER_ID     Key of a parameter Map which contains information useful for policy evaluation.
    • Field Detail

      • USER_ID

        static final String USER_ID
        Key of a parameter Map which contains information useful for policy evaluation. The value of this key is the id of the user whose resource is being accessed.
        See Also:
        Constant Field Values
      • AUTH_TYPE

        static final String AUTH_TYPE
        Key of a parameter Map which contains information useful for policy evaluation. The value of this key is the authentication mechanism the web service consumer used.
        See Also:
        Constant Field Values
      • MESSAGE

        static final String MESSAGE
        Key of a parameter Map which contains information useful for policy evaluation. The value of this key is com.sun.identity.liberty.ws.soapbinding.Message.
        See Also:
        Constant Field Values
    • Method Detail

      • isAuthorized

        boolean isAuthorized(Object credential,
                             String action,
                             Object data,
                             Map env)
        Checks if the WSC is authorized to query or modify the select data.
        Parameters:
        credential - credential of a WSC.
        action - request action.
        data - Object that is being accessed.
        env - A Map that contains information useful for policy evaluation. The following keys are defined and their values should be passed in:
          Key: USER_ID    Value: id of the user whose resource is being accessed.
          Key: AUTH_TYPE  Value: The authentication mechanism the WSC used.
          Key: MESSAGE    Value: com.sun.identity.liberty.ws.soapbinding.Message.
        Returns:
        true if the WSC is authorized.
      • getAuthorizationDecision

        Object getAuthorizationDecision(Object credential,
                                        String action,
                                        Object data,
                                        Map env)
                                 throws Exception
        Returns the authorization decision for the given action (query or modify) on the given select data.
        Parameters:
        credential - credential of a WSC.
        action - request action.
        data - Object that is being accessed.
        env - A Map that contains information useful for policy evaluation. The following keys are defined and their values should be passed in:
          Key: USER_ID    Value: id of the user whose resource is being accessed.
          Key: AUTH_TYPE  Value: The authentication mechanism the WSC used.
          Key: MESSAGE    Value: com.sun.identity.liberty.ws.soapbinding.Message.
        Returns:
        An AuthorizationDecision object that contains authorization decision information for the given resource.
        Throws:
        Exception
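
An added example (not code from this page or from the project): a fail-closed implementation of the two methods above, in which missing env entries and evaluation exceptions both result in a denial. The stand-in interface copies the signatures shown here; the constant values, the action names, the mechanism label, the class name FailClosedAuthorizer and the Boolean returned in place of an AuthorizationDecision object are all assumptions.

```java
import java.util.Map;
import java.util.Set;

// Stand-in with the signatures shown on this page. The constant values are
// constructed placeholders; the real ones are not given on this page.
interface Authorizer {
    String USER_ID = "USER_ID_PLACEHOLDER";
    String AUTH_TYPE = "AUTH_TYPE_PLACEHOLDER";
    String MESSAGE = "MESSAGE_PLACEHOLDER";
    boolean isAuthorized(Object credential, String action, Object data, Map env);
    Object getAuthorizationDecision(Object credential, String action, Object data, Map env) throws Exception;
}

// Hypothetical implementation: deny unless every input the policy needs is present.
public class FailClosedAuthorizer implements Authorizer {
    // Assumed action names and a constructed mechanism label, not values from the page.
    private static final Set<String> ACTIONS = Set.of("query", "modify");
    private static final Set<String> MODIFY_MECHANISMS = Set.of("example:mutual-tls");

    @Override
    public boolean isAuthorized(Object credential, String action, Object data, Map env) {
        try {
            return Boolean.TRUE.equals(getAuthorizationDecision(credential, action, data, env));
        } catch (Exception e) {
            return false; // an evaluation failure is a denial, never an implicit allow
        }
    }

    @Override
    public Object getAuthorizationDecision(Object credential, String action, Object data, Map env) throws Exception {
        if (credential == null || data == null || env == null) return Boolean.FALSE;
        if (action == null || !ACTIONS.contains(action)) return Boolean.FALSE;
        Object userId = env.get(USER_ID);
        Object authType = env.get(AUTH_TYPE);
        // Missing or mistyped context means the policy cannot be evaluated: deny.
        if (!(userId instanceof String) || ((String) userId).isEmpty()) return Boolean.FALSE;
        if (!(authType instanceof String)) return Boolean.FALSE;
        // Writes require an allow-listed mechanism; reads accept any stated mechanism.
        if (action.equals("modify") && !MODIFY_MECHANISMS.contains(authType)) return Boolean.FALSE;
        return Boolean.TRUE;
    }

    public static void main(String[] args) {
        Authorizer authorizer = new FailClosedAuthorizer();
        // Constructed sample context: a user id and a mechanism that is not allow-listed for writes.
        Map<String, Object> env = Map.of(USER_ID, "alice", AUTH_TYPE, "example:bearer");
        System.out.println(authorizer.isAuthorized("wsc-cred", "query", "profile", env));
        System.out.println(authorizer.isAuthorized("wsc-cred", "modify", "profile", env));
        System.out.println(authorizer.isAuthorized("wsc-cred", "query", "profile", null));
    }
}
```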