com.sun.identity.liberty.ws.interfaces

Interface Authorizer

All Known Implementing Classes:

DefaultDiscoAuthorizer, IDPPAuthorizer

public interface Authorizer

This class Authorizer is an interface for identity service to check authorization of a WSC.

Field Summary

Fields

Modifier and Type	Field and Description
static String	AUTH_TYPE Key of a parameter Map which contains information useful for policy evaluation.
static String	MESSAGE Key of a parameter Map which contains information useful for policy evaluation.
static String	USER_ID Key of a parameter Map which contains information useful for policy evaluation.

Method Summary

Modifier and Type	Method and Description
Object	getAuthorizationDecision(Object credential, String action, Object data, Map env) Returns authorization decision for the given action(query or modify) and to the given select data
boolean	isAuthorized(Object credential, String action, Object data, Map env) Checks if the WSC is authorized to query or modify the select data.

Field Detail

USER_ID

static final String USER_ID

Key of a parameter Map which contains information useful for policy evaluation. The value of this key is id of the user whose resource id being accessed.

See Also:

Constant Field Values

AUTH_TYPE

static final String AUTH_TYPE

Key of a parameter Map which contains information useful for policy evaluation. The value of this key is the authentication mechanism web service consumer used.

See Also:

Constant Field Values

MESSAGE

static final String MESSAGE

Key of a parameter Map which contains information useful for policy evaluation. The value of this key is com.sun.identity.liberty.ws.soapbinding.Message.

See Also:

Constant Field Values

Method Detail

isAuthorized

boolean isAuthorized(Object credential,
                     String action,
                     Object data,
                     Map env)

Checks if the WSC is authorized to query or modify the select data.

Parameters:

credential - credential of a WSC.

action - request action.

data - Object who is being accessed.

env - A Map contains information useful for policy evaluation. The following key is defined and its value should be passed in: Key: USER_ID Value: id of the user whose resource is being accessed. Key: AUTH_TYPE Value: The authentication mechanism WSC used. Key: MESSAGE Value: com.sun.identity.liberty.ws.soapbinding.Message .

Returns:

true if the WSC is authorized.

getAuthorizationDecision

Object getAuthorizationDecision(Object credential,
                                String action,
                                Object data,
                                Map env)
                         throws Exception

Returns authorization decision for the given action(query or modify) and to the given select data

Parameters:

credential - credential of a WSC.

action - request action.

data - Object who is being accessed.

env - A Map contains information useful for policy evaluation. The following key is defined and its value should be passed in: Key: USER_ID Value: id of the user whose resource is being accessed. Key: AUTH_TYPE Value: The authentication mechanism WSC used. Key: MESSAGE Value: com.sun.identity.liberty.ws.soapbinding.Message.

Returns:

AuthorizationDecision object contains authorization decision information for the given resource.

Throws:

Exception