com.sun.identity.wss.security.handler

Interface MessageAuthorizer

All Known Implementing Classes:

DefaultAuthorizer

public interface MessageAuthorizer

This interface provides a pluggable authorizer for the webservices to authorize the web service clients.

Method Summary

Modifier and Type	Method and Description
boolean	authorize(Subject subject, Object secureMessage, SecurityMechanism securityMechanism, SecurityToken securityToken, ProviderConfig config, boolean isLiberty) Authorizes the web services client.

Method Detail

authorize

boolean authorize(Subject subject,
                  Object secureMessage,
                  SecurityMechanism securityMechanism,
                  SecurityToken securityToken,
                  ProviderConfig config,
                  boolean isLiberty)
           throws SecurityException

Authorizes the web services client.

Parameters:

subject - authenticated subject.

secureMessage - the secure SOAPMessage. If the message security is provided by the WS-I profies, the secureMessage object is of type com.sun.identity.wss.security.handler.SecureSOAPMessage. If the message security is provided by the Liberty ID-WSF profiles, the secure message is of type com.sun.identity.liberty.ws.soapbinding.Message.

securityMechanism - the security mechanism that will be used to authenticate the web services client.

securityToken - the security token that is used.

config - the provider configuration.

isLiberty - boolean variable to indicate that the message security is provided by the liberty security profiles.

Throws:

SecurityException - if there is an exception during authorization.